Download
| Alert*
oval:org.secpod.oval:def:76739
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection. oval:org.secpod.oval:def:602641 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.26, which includes additional bug fixes. Please refer to the upstream changelog for more i ... oval:org.secpod.oval:def:703293 php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:37430 php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:51512 php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:89045388 This update for php53 fixes the following security issues: * CVE-2016-7124: Create an Unexpected Object and Don"t Invoke __wakeup in Deserialization * CVE-2016-7125: PHP Session Data Injection Vulnerability * CVE-2016-7126: select_colors write out-of-bounds * CVE-2016-7127: imagegammacorrect allowed ... oval:org.secpod.oval:def:52811 php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:504988 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. The ... |