Download
| Alert*
|
oval:org.secpod.oval:def:76807
Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field. oval:org.secpod.oval:def:52590 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702772 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:1200168 PHP process crashes when processing an invalid file with the "phar" extension. As discussed upstream, mysqlnd is vulnerable to the attack described in https://www.duosecurity.com/blog/backronym-mysql-vulnerability. PHP versions before 5.5.27 and 5.4.43 contain buffer overflow issue oval:org.secpod.oval:def:1200107 PHP process crashes when processing an invalid file with the "phar" extension. As discussed upstream, mysqlnd is vulnerable to the attack described in https://www.duosecurity.com/blog/backronym-mysql-vulnerability. PHP versions before 5.5.27 and 5.4.43 contain buffer overflow issue oval:org.secpod.oval:def:1200159 PHP process crashes when processing an invalid file with the "phar" extension. As discussed upstream, mysqlnd is vulnerable to the attack described in https://www.duosecurity.com/blog/backronym-mysql-vulnerability. PHP versions before 5.5.27 and 5.4.43 contain buffer overflow issue oval:org.secpod.oval:def:504897 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrary c ... |
