Download
| Alert*
|
oval:org.secpod.oval:def:595
The host is installed with PHP and is prone to Denial of Service vulnerability. The flaw is present in substr_replace() function, which makes the PHP to use the same pointer in three variables inside the function so when the pointer is changed by a type conversion inside the function, it invalids th ... oval:org.secpod.oval:def:202259 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value ... oval:org.secpod.oval:def:600730 Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1072 It was discoverd that insecure handling of temporary files in the PEAR installer could lead to denial of service. CVE-2011- ... oval:org.secpod.oval:def:500742 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value ... oval:org.secpod.oval:def:3925 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.3 and is prone to a use-after-free vulnerability. A flaw is present in the application, which uses the same variable for multiple arguments. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:700496 php5: HTML-embedded scripting language interpreter Multiple vulnerabilities in PHP. oval:org.secpod.oval:def:700499 php5: HTML-embedded scripting language interpreter Details: USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubu ... oval:org.secpod.oval:def:1300027 This is a bugfix and security advisory that upgrades php to the latest 5.3.13 version for Mandriva Linux Enterprise 5.2 which resolves numerous upstream bugs in php. Please refer to the following Mandriva advisories for further information: MDVA-2012:004, MDVSA-2011:165, MDVSA-2011:166, MDVSA-2011:1 ... oval:org.secpod.oval:def:103114 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:103069 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:301125 Multiple vulnerabilities has been identified and fixed in php: Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by using the same variable for multiple argum ... oval:org.secpod.oval:def:3930 The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-02-01-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:500010 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A signedness issue was found in the way the PHP crypt function handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character had no effect on ... oval:org.secpod.oval:def:103054 ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous gameplay . Features: Complex car physics, Challenging "story mode", LAN and Internet mode, Live scores, Track editor, Dedicated server with HTTP interface and More than 30 blocks. oval:org.secpod.oval:def:103161 eAccelerator is a further development of the MMCache PHP Accelerator & Encoder. It increases performance of PHP scripts by caching them in compiled state, so that the overhead of compiling is almost completely eliminated. oval:org.secpod.oval:def:1601224 PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, relate ... oval:org.secpod.oval:def:103203 ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous gameplay . Features: Complex car physics, Challenging "story mode", LAN and Internet mode, Live scores, Track editor, Dedicated server with HTTP interface and More than 30 blocks. oval:org.secpod.oval:def:200227 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A signedness issue was found in the way the PHP crypt function handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character had no effect on ... oval:org.secpod.oval:def:103006 eAccelerator is a further development of the MMCache PHP Accelerator & Encoder. It increases performance of PHP scripts by caching them in compiled state, so that the overhead of compiling is almost completely eliminated. oval:org.secpod.oval:def:1503544 Updated php53 and php packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed seve ... oval:org.secpod.oval:def:200628 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A signedness issue was found in the way the PHP crypt function handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character had no effect on ... |
