[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2408-1 php5 -- several

ID: oval:org.secpod.oval:def:600730Date: (C)2012-02-27   (M)2023-12-07
Class: PATCHFamily: unix




Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1072 It was discoverd that insecure handling of temporary files in the PEAR installer could lead to denial of service. CVE-2011-4153 Maksymilian Arciemowicz discovered that a NULL pointer dereference in the zend_strndup function could lead to denial of service. CVE-2012-0781 Maksymilian Arciemowicz discovered that a NULL pointer dereference in the tidy_diagnose function could lead to denial of service. CVE-2012-0788 It was discovered that missing checks in the handling of PDORow objects could lead to denial of service. CVE-2012-0831 It was discovered that the magic_quotes_gpc setting could be disabled remotely This update also addresses PHP bugs, which are not treated as security issues in Debian , but which were fixed nonetheless: CVE-2010-4697, CVE-2011-1092, CVE-2011-1148, CVE-2011-1464, CVE-2011-1467 CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1657, CVE-2011-3182 CVE-2011-3267

Platform:
Debian 6.0
Product:
php5
Reference:
DSA-2408-1
CVE-2011-1072
CVE-2011-4153
CVE-2012-0781
CVE-2012-0788
CVE-2012-0831
CVE-2010-4697
CVE-2011-1092
CVE-2011-1148
CVE-2011-1464
CVE-2011-1467
CVE-2011-1468
CVE-2011-1469
CVE-2011-1470
CVE-2011-1657
CVE-2011-3182
CVE-2011-3267
CVE    16
CVE-2012-0788
CVE-2011-1657
CVE-2011-3267
CVE-2011-3182
...
CPE    122
cpe:/a:php:php:3.0
cpe:/a:php:php:5.0.0:rc3
cpe:/a:php:php:5.0.0:rc2
cpe:/a:php:php:5.0.0:rc1
...

© SecPod Technologies