Download
| Alert*
oval:org.secpod.oval:def:21226
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9 through 10.9.5 or 10.10 before 10.10.3 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted ASCII file that triggers a large amount of backtracking. Successful exp ... oval:org.secpod.oval:def:1600160 acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. A denial of service flaw was found in the way the File Information extension parsed certain Composite Document Format files. ... oval:org.secpod.oval:def:1600009 A denial of service flaw was found in the way the File Information extension parsed certain Composite Document Format files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. Buffer overflow in the mconvert function in softmagic.c in ... oval:org.secpod.oval:def:601707 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-0207 Francisco Alonso of the Red Hat Security Response Team reported an incorrec ... oval:org.secpod.oval:def:52254 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:203382 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP"s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A denial of service flaw was found in the File Information extension rules for detec ... oval:org.secpod.oval:def:203389 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP"s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. Multiple denial of service flaws were found in the way the File Information extensio ... oval:org.secpod.oval:def:1500666 Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed sev ... oval:org.secpod.oval:def:1500767 Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are av ... oval:org.secpod.oval:def:1600078 acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. A denial of service flaw was found in the way the File Information extension parsed certain Composite Document Format files. ... oval:org.secpod.oval:def:702113 file: Tool to determine file types File could be made to crash or hang if it processed specially crafted data. oval:org.secpod.oval:def:702112 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:601774 This update corrects DSA 3021-1, which introduced a regression in the detection of a some "Composite Document Files" , marking them look as corrupted, with the error: "Can"t expand summary_info". On additional information, 5.11-2+deb7u4 changed the detection of certain text files ... oval:org.secpod.oval:def:203390 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP"s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. Multiple denial of service flaws were found in the way the File Information extensio ... oval:org.secpod.oval:def:52255 file: Tool to determine file types File could be made to crash or hang if it processed specially crafted data. oval:org.secpod.oval:def:501430 The "file" command is used to identify a particular file according to the type of data contained in the file. The command can identify various file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in ... oval:org.secpod.oval:def:501353 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP"s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A denial of service flaw was found in the File Information extension rules for detec ... oval:org.secpod.oval:def:204305 The file command is used to identify a particular file according to the type of data contained in the file. The command can identify various file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws were found in the way file ... oval:org.secpod.oval:def:501357 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP"s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. Multiple denial of service flaws were found in the way the File Information extensio ... oval:org.secpod.oval:def:1500670 Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed sev ... oval:org.secpod.oval:def:107160 The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. oval:org.secpod.oval:def:1503940 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available ... oval:org.secpod.oval:def:601770 Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash. oval:org.secpod.oval:def:204215 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws ... oval:org.secpod.oval:def:107103 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:1501240 The remote host is missing a patch containing a security fix, which affects the following package(s): file oval:org.secpod.oval:def:501713 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Multiple denial of service flaws ... oval:org.secpod.oval:def:107162 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:24460 The host is missing a security update according to Apple advisory, APPLE-SA-2015-04-08-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to execute arbitrary code or crash ... oval:org.secpod.oval:def:21262 The host is missing a security update according to Apple advisory, APPLE-SA-2014-09-17-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain objects and security vectors. Successful exploitation allows attackers to execute ... |