Download
| Alert*
oval:org.secpod.oval:def:76812
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of ... oval:org.secpod.oval:def:602213 Multiple vulnerabilities have been discovered in the PHP language: CVE-2015-4598 thoger at redhat dot com discovered that paths containing a NUL character were improperly handled, thus allowing an attacker to manipulate unexpected files on the server. CVE-2015-4643 Max Spelsberg discovered an intege ... oval:org.secpod.oval:def:505020 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An integer overflow flaw leading to a heap-based buffer over ... oval:org.secpod.oval:def:501581 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:504934 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:203664 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An uninitialized pointer use flaw was found in PHP"s Exif ex ... oval:org.secpod.oval:def:504917 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:1501376 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501359 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:25784 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:203655 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, ... oval:org.secpod.oval:def:52516 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702631 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:1501366 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1200021 Upstream reports that six security-related issues in PHP were fixed in this release, as well as several security issues in bundled sqlite library . All PHP 5.4 users are encouraged to upgrade to this version. Please see the upstream release notes for full details. oval:org.secpod.oval:def:1200183 Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries . All PHP 5.5 users are encouraged to upgrade to this version. Please see the upstream release notes for full details. oval:org.secpod.oval:def:1200078 Upstream reports that several bugs have been fixed as well as several security issues into some bundled libraries . All PHP 5.6 users are encouraged to upgrade to this version. Please see the upstream release notes for full details. |