Download
| Alert*
|
oval:org.secpod.oval:def:1600402
A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT function ... oval:org.secpod.oval:def:52590 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702772 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:31477 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle unserializing objects. Successful exploitation could allow remote attackers to cause P ... oval:org.secpod.oval:def:109512 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:602229 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to new upstream versions , which include additional bug fixes. Please refer to the upstream changelog for more information ... oval:org.secpod.oval:def:76805 The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content. oval:org.secpod.oval:def:109508 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:31533 The host is missing a security update according to Apple advisory, APPLE-SA-2015-10-21-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ... oval:org.secpod.oval:def:1200096 As reported upstream, A NULL pointer dereference flaw was found in the way PHP"s Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. Use after free vulnerability was found in unserialize function. We can create ZVAL and free it via Serializable::unserialize. Ho ... oval:org.secpod.oval:def:504897 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrary c ... oval:org.secpod.oval:def:1200156 As reported upstream, A NULL pointer dereference flaw was found in the way PHP"s Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. Use after free vulnerability was found in unserialize function. We can create ZVAL and free it via Serializable::unserialize. Ho ... |
