ID de Prueba:	1.3.6.1.4.1.25623.1.0.100595
Categoría:	Web application abuses
Título:	PHP Printf() Function 64bit Casting Multiple Format String Vulnerabilities
Resumen:	PHP is prone to multiple format-string vulnerabilities due to; a design error when casting 64-bit variables to 32 bits.
Descripción:	Summary: PHP is prone to multiple format-string vulnerabilities due to a design error when casting 64-bit variables to 32 bits. Vulnerability Impact: Attackers may be able to exploit these issues to execute arbitrary code in the context of the webserver process or to cause denial-of-service conditions. Affected Software/OS: PHP version 4.x prior to 4.4.5 and 5.x prior to 5.2.1 running on 64-bit computers. Solution: Update to version 4.4.5, 5.2.1 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1884 BugTraq ID: 23219 http://www.securityfocus.com/bid/23219 HPdes Security Advisory: HPSBMA02215 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 HPdes Security Advisory: HPSBTU02232 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 HPdes Security Advisory: SSRT071423 HPdes Security Advisory: SSRT071429 http://www.php-security.org/MOPB/MOPB-38-2007.html http://www.osvdb.org/33955 http://www.osvdb.org/34767 http://secunia.com/advisories/25423 http://secunia.com/advisories/25850 http://www.vupen.com/english/advisories/2007/1991 http://www.vupen.com/english/advisories/2007/2374 XForce ISS Database: php-printf-format-string(33755) https://exchange.xforce.ibmcloud.com/vulnerabilities/33755
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.