Download
| Alert*
|
oval:org.secpod.oval:def:1600160
acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. A denial of service flaw was found in the way the File Information extension parsed certain Composite Document Format files. ... oval:org.secpod.oval:def:1500734 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each v ... oval:org.secpod.oval:def:601707 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-0207 Francisco Alonso of the Red Hat Security Response Team reported an incorrec ... oval:org.secpod.oval:def:52254 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:601774 This update corrects DSA 3021-1, which introduced a regression in the detection of a some "Composite Document Files" , marking them look as corrupted, with the error: "Can"t expand summary_info". On additional information, 5.11-2+deb7u4 changed the detection of certain text files ... oval:org.secpod.oval:def:501396 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP"s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A buffer overflow flaw was found in the way the File Information extension processed ... oval:org.secpod.oval:def:52255 file: Tool to determine file types File could be made to crash or hang if it processed specially crafted data. oval:org.secpod.oval:def:107160 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:601770 Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash. oval:org.secpod.oval:def:1600009 A denial of service flaw was found in the way the File Information extension parsed certain Composite Document Format files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. Buffer overflow in the mconvert function in softmagic.c in ... oval:org.secpod.oval:def:1600078 acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. A denial of service flaw was found in the way the File Information extension parsed certain Composite Document Format files. ... oval:org.secpod.oval:def:203435 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP"s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A buffer overflow flaw was found in the way the File Information extension processed ... oval:org.secpod.oval:def:21225 The host is installed with Apple Mac OS X or Server 10.8.5, 10.9 through 10.9.5 or 10.10 before 10.10.3 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted ASCII file that triggers a large amount of backtracking. Successful exp ... oval:org.secpod.oval:def:702113 file: Tool to determine file types File could be made to crash or hang if it processed specially crafted data. oval:org.secpod.oval:def:702112 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:204215 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws ... oval:org.secpod.oval:def:501713 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws ... oval:org.secpod.oval:def:107162 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:107103 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:1501240 The remote host is missing a patch containing a security fix, which affects the following package(s): file oval:org.secpod.oval:def:24460 The host is missing a security update according to Apple advisory, APPLE-SA-2015-04-08-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to execute arbitrary code or crash ... oval:org.secpod.oval:def:21262 The host is missing a security update according to Apple advisory, APPLE-SA-2014-09-17-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain objects and security vectors. Successful exploitation allows attackers to execute ... |
