Oracle Linux 5 : php (ELSA-2012-1045)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-1045 advisory. - fix issue in CVE-2012-0057 patch - fix memory handling in CVE-2012-0789 patch - add security fixes for CVE-2012-0057, CVE-2011-4153, CVE-2012-0789,...

CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...