Web application abuses : PHP 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.100643

Categoría: Web application abuses

Título: PHP 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities

Resumen: PHP is prone to multiple format-string vulnerabilities because it; fails to properly sanitize user-supplied input before passing it as; the format specifier to a formatted-printing function.

Descripción: Summary:
PHP is prone to multiple format-string vulnerabilities because it
fails to properly sanitize user-supplied input before passing it as
the format specifier to a formatted-printing function.

Vulnerability Impact:
Attackers can exploit these issues to run arbitrary code within the
context of the PHP process. This may allow them to bypass intended
security restrictions or gain elevated privileges.

Affected Software/OS:
PHP 5.3 through 5.3.2 are vulnerable.

Solution:
Updates are available. Please see the references for details.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-2094
http://www.mandriva.com/security/advisories?name=MDVSA-2011:004
http://php-security.org/2010/05/14/mops-2010-024-php-phar_stream_flush-format-string-vulnerability/index.html
http://php-security.org/2010/05/14/mops-2010-025-php-phar_wrapper_open_dir-format-string-vulnerability/index.html
http://php-security.org/2010/05/14/mops-2010-026-php-phar_wrapper_unlink-format-string-vulnerability/index.html
http://php-security.org/2010/05/14/mops-2010-027-php-phar_parse_url-format-string-vulnerabilities/index.html
http://php-security.org/2010/05/14/mops-2010-028-php-phar_wrapper_open_url-format-string-vulnerabilities/index.html
SuSE Security Announcement: SUSE-SR:2010:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
SuSE Security Announcement: SUSE-SR:2010:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
http://www.vupen.com/english/advisories/2011/0068
Common Vulnerability Exposure (CVE) ID: CVE-2010-2950
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
HPdes Security Advisory: HPSBMA02662
http://marc.info/?l=bugtraq&m=130331363227777&w=2
HPdes Security Advisory: SSRT100409
http://www.mandriva.com/security/advisories?name=MDVSA-2010:254

Copyright Copyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.100643
Categoría:	Web application abuses
Título:	PHP 'ext/phar/stream.c' and 'ext/phar/dirstream.c' Multiple Format String Vulnerabilities
Resumen:	PHP is prone to multiple format-string vulnerabilities because it; fails to properly sanitize user-supplied input before passing it as; the format specifier to a formatted-printing function.
Descripción:	Summary: PHP is prone to multiple format-string vulnerabilities because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. Vulnerability Impact: Attackers can exploit these issues to run arbitrary code within the context of the PHP process. This may allow them to bypass intended security restrictions or gain elevated privileges. Affected Software/OS: PHP 5.3 through 5.3.2 are vulnerable. Solution: Updates are available. Please see the references for details. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2094 http://www.mandriva.com/security/advisories?name=MDVSA-2011:004 http://php-security.org/2010/05/14/mops-2010-024-php-phar_stream_flush-format-string-vulnerability/index.html http://php-security.org/2010/05/14/mops-2010-025-php-phar_wrapper_open_dir-format-string-vulnerability/index.html http://php-security.org/2010/05/14/mops-2010-026-php-phar_wrapper_unlink-format-string-vulnerability/index.html http://php-security.org/2010/05/14/mops-2010-027-php-phar_parse_url-format-string-vulnerabilities/index.html http://php-security.org/2010/05/14/mops-2010-028-php-phar_wrapper_open_url-format-string-vulnerabilities/index.html SuSE Security Announcement: SUSE-SR:2010:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html SuSE Security Announcement: SUSE-SR:2010:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://www.vupen.com/english/advisories/2011/0068 Common Vulnerability Exposure (CVE) ID: CVE-2010-2950 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html HPdes Security Advisory: HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 HPdes Security Advisory: SSRT100409 http://www.mandriva.com/security/advisories?name=MDVSA-2010:254
Copyright	Copyright (C) 2010 Greenbone Networks GmbH