Download
| Alert*
|
oval:org.secpod.oval:def:38491
The host is installed with Apple Mac OS X or Server 10.12.x through 10.12.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle apache_mod_php. Successful exploitation could allow attackers to cause an unexpected application ... oval:org.secpod.oval:def:76729 ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object oval:org.secpod.oval:def:1600460 ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via an unserialize call that references a partially constructed object .ext/mysqlnd/mysqlnd_wireprot ... oval:org.secpod.oval:def:111382 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:111381 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:1800722 CVE-2016-7411: A memory corruption error may occur during deserialized object destruction Reference Patch CVE-2016-7412: A heap overflow may occur in the processing of BIT fields in mysqlnd Reference Patch CVE-2016-7413: A use-after-free memory error may occur in wddx_deserialize Reference Patch CVE ... oval:org.secpod.oval:def:1800536 CVE-2016-7411: A memory corruption error may occur during deserialized object destruction. CVE-2016-7412: A heap overflow may occur in the processing of BIT fields in mysqlnd. CVE-2016-7413: A use-after-free memory error may occur in wddx_deserialize. CVE-2016-7414: An out-of-bounds memory error ... oval:org.secpod.oval:def:38489 The host is missing a critical security update according to Apple advisory, APPLE-SA-2016-12-13-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute a ... oval:org.secpod.oval:def:602641 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.26, which includes additional bug fixes. Please refer to the upstream changelog for more i ... oval:org.secpod.oval:def:703293 php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:89045388 This update for php53 fixes the following security issues: * CVE-2016-7124: Create an Unexpected Object and Don"t Invoke __wakeup in Deserialization * CVE-2016-7125: PHP Session Data Injection Vulnerability * CVE-2016-7126: select_colors write out-of-bounds * CVE-2016-7127: imagegammacorrect allowed ... oval:org.secpod.oval:def:52811 php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. |
