Download
| Alert*
oval:org.secpod.oval:def:24431
The host is installed with Apple Mac OS X or Server 10.8.5, 10.9.5 or 10.10.x through 10.10.2 and is prone to an arbitrary file overwrite vulnerability. A flaw is present in the application, which fails to properly handle pathnames that lack %00 sequences. Successful exploitation allows remote attac ... oval:org.secpod.oval:def:1600129 A denial of service flaw was found in the way the File Information extension parsed certain Composite Document Format files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and ... oval:org.secpod.oval:def:203435 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP"s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A buffer overflow flaw was found in the way the File Information extension processed ... oval:org.secpod.oval:def:1500734 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each v ... oval:org.secpod.oval:def:501396 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP"s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A buffer overflow flaw was found in the way the File Information extension processed ... oval:org.secpod.oval:def:76850 gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg ... oval:org.secpod.oval:def:107440 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:107442 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:24460 The host is missing a security update according to Apple advisory, APPLE-SA-2015-04-08-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to execute arbitrary code or crash ... |