Download
| Alert*
oval:org.secpod.oval:def:594
The host is installed with PHP and is prone to denial of service vulnerability on windows. The flaw is caused due to integer signedness error in zip_stream.c in the Zip extension. Successful exploitation could allow remote attackers to cause a denial of service via a malformed archive file that trig ... oval:org.secpod.oval:def:200628 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A signedness issue was found in the way the PHP crypt function handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character had no effect on ... oval:org.secpod.oval:def:500010 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A signedness issue was found in the way the PHP crypt function handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character had no effect on ... oval:org.secpod.oval:def:200227 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A signedness issue was found in the way the PHP crypt function handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character had no effect on ... oval:org.secpod.oval:def:1503544 Updated php53 and php packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed seve ... oval:org.secpod.oval:def:301089 Multiple vulnerabilities has been identified and fixed in php: The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service via an ... oval:org.secpod.oval:def:3137 The host is installed with Apple Mac OS X 10.6.8 and is prone to denial of service vulnerability. The flaw is caused due to integer signedness error in zip_stream.c in the Zip extension. Successful exploitation could allow remote attackers to cause a denial of service via a malformed archive file th ... oval:org.secpod.oval:def:301094 Multiple vulnerabilities has been identified and fixed in php: The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service via an ... oval:org.secpod.oval:def:700496 php5: HTML-embedded scripting language interpreter Multiple vulnerabilities in PHP. oval:org.secpod.oval:def:700499 php5: HTML-embedded scripting language interpreter Details: USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubu ... oval:org.secpod.oval:def:600574 Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. CVE-2010-2531 An information leak was found in the var_export function. CVE-2011-0421 The Zip module could crash. CVE-2011-0708 An integer overflow was discovered in ... oval:org.secpod.oval:def:600581 The update for CVE-2010-2531 for the old stabledistribution introduced a regression, which lead to additional output being written to stdout. |