Web application abuses : PHP 5.2.x < 5.2.14, 5.3.x

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.100726

Categoría: Web application abuses

Título: PHP 5.2.x < 5.2.14, 5.3.x < 5.3.3 Multiple Vulnerabilities

Resumen: PHP is prone to multiple security vulnerabilities.

Descripción: Summary:
PHP is prone to multiple security vulnerabilities.

Vulnerability Impact:
An attacker can exploit these issues to execute arbitrary code,
crash the affected application, gain access to sensitive information and bypass security
restrictions. Other attacks are also possible.

Affected Software/OS:
PHP versions 5.2.x prior to 5.2.14 and 5.3.x prior to
5.3.3.

Solution:
Updates are available. Please see the references for more
information.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-2484
APPLE-SA-2010-08-24-1
http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
APPLE-SA-2010-11-10-1
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
HPSBOV02763
http://marc.info/?l=bugtraq&m=133469208622507&w=2
SSRT100826
SUSE-SR:2010:018
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
http://support.apple.com/kb/HT4312
http://support.apple.com/kb/HT4435
http://www.php.net/releases/5_2_14.php
https://bugzilla.redhat.com/show_bug.cgi?id=619324
Common Vulnerability Exposure (CVE) ID: CVE-2010-2531
42410
http://secunia.com/advisories/42410
ADV-2010-3081
http://www.vupen.com/english/advisories/2010/3081
DSA-2266
http://www.debian.org/security/2011/dsa-2266
HPSBMA02662
http://marc.info/?l=bugtraq&m=130331363227777&w=2
RHSA-2010:0919
http://www.redhat.com/support/errata/RHSA-2010-0919.html
SSRT100409
SUSE-SR:2010:017
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
[oss-security] 20100713 CVE request, php var_export
http://www.openwall.com/lists/oss-security/2010/07/13/1
[oss-security] 20100716 Re: Re: CVE request, php var_export
http://www.openwall.com/lists/oss-security/2010/07/16/3
http://svn.php.net/viewvc/php/php-src/trunk/ext/standard/tests/general_functions/var_export_error2.phpt?view=log&pathrev=301143
http://www.php.net/archive/2010.php#id2010-07-22-1
http://www.php.net/archive/2010.php#id2010-07-22-2
https://bugzilla.redhat.com/show_bug.cgi?id=617673

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.100726
Categoría:	Web application abuses
Título:	PHP 5.2.x < 5.2.14, 5.3.x < 5.3.3 Multiple Vulnerabilities
Resumen:	PHP is prone to multiple security vulnerabilities.
Descripción:	Summary: PHP is prone to multiple security vulnerabilities. Vulnerability Impact: An attacker can exploit these issues to execute arbitrary code, crash the affected application, gain access to sensitive information and bypass security restrictions. Other attacks are also possible. Affected Software/OS: PHP versions 5.2.x prior to 5.2.14 and 5.3.x prior to 5.3.3. Solution: Updates are available. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2484 APPLE-SA-2010-08-24-1 http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html APPLE-SA-2010-11-10-1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 SSRT100826 SUSE-SR:2010:018 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://support.apple.com/kb/HT4312 http://support.apple.com/kb/HT4435 http://www.php.net/releases/5_2_14.php https://bugzilla.redhat.com/show_bug.cgi?id=619324 Common Vulnerability Exposure (CVE) ID: CVE-2010-2531 42410 http://secunia.com/advisories/42410 ADV-2010-3081 http://www.vupen.com/english/advisories/2010/3081 DSA-2266 http://www.debian.org/security/2011/dsa-2266 HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 RHSA-2010:0919 http://www.redhat.com/support/errata/RHSA-2010-0919.html SSRT100409 SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html [oss-security] 20100713 CVE request, php var_export http://www.openwall.com/lists/oss-security/2010/07/13/1 [oss-security] 20100716 Re: Re: CVE request, php var_export http://www.openwall.com/lists/oss-security/2010/07/16/3 http://svn.php.net/viewvc/php/php-src/trunk/ext/standard/tests/general_functions/var_export_error2.phpt?view=log&pathrev=301143 http://www.php.net/archive/2010.php#id2010-07-22-1 http://www.php.net/archive/2010.php#id2010-07-22-2 https://bugzilla.redhat.com/show_bug.cgi?id=617673
Copyright	Copyright (C) 2010 Greenbone AG