Web application abuses : PHP 5.2 < 5.2.15 Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.110066

Categoría: Web application abuses

Título: PHP 5.2 < 5.2.15 Multiple Vulnerabilities

Resumen: PHP is prone to multiple vulnerabilities.

Descripción: Summary:
PHP is prone to multiple vulnerabilities.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3436
42729
http://secunia.com/advisories/42729
42812
http://secunia.com/advisories/42812
44723
http://www.securityfocus.com/bid/44723
ADV-2010-3313
http://www.vupen.com/english/advisories/2010/3313
ADV-2011-0077
http://www.vupen.com/english/advisories/2011/0077
APPLE-SA-2011-03-21-1
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
APPLE-SA-2011-10-12-3
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
MDVSA-2010:218
http://www.mandriva.com/security/advisories?name=MDVSA-2010:218
SSA:2010-357-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619
USN-1042-1
http://www.ubuntu.com/usn/USN-1042-1
http://security-tracker.debian.org/tracker/CVE-2010-3436
http://support.apple.com/kb/HT4581
http://support.apple.com/kb/HT5002
http://svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.c?r1=303824&r2=303823&pathrev=303824
http://svn.php.net/viewvc?view=revision&revision=303824
http://www.php.net/ChangeLog-5.php
http://www.php.net/archive/2010.php#id2010-12-10-1
http://www.php.net/releases/5_2_15.php
http://www.php.net/releases/5_3_4.php
Common Vulnerability Exposure (CVE) ID: CVE-2010-3709
1024690
http://www.securitytracker.com/id?1024690
15431
http://www.exploit-db.com/exploits/15431
20101105 PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference
http://securityreason.com/achievement_securityalert/90
44718
http://www.securityfocus.com/bid/44718
ADV-2011-0020
http://www.vupen.com/english/advisories/2011/0020
ADV-2011-0021
http://www.vupen.com/english/advisories/2011/0021
FEDORA-2010-18976
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html
FEDORA-2010-19011
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html
HPSBMA02662
http://marc.info/?l=bugtraq&m=130331363227777&w=2
HPSBOV02763
http://marc.info/?l=bugtraq&m=133469208622507&w=2
RHSA-2011:0195
http://www.redhat.com/support/errata/RHSA-2011-0195.html
SSRT100409
SSRT100826
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.c?view=log
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log
Common Vulnerability Exposure (CVE) ID: CVE-2010-4150
BugTraq ID: 44980
http://www.securityfocus.com/bid/44980
HPdes Security Advisory: HPSBOV02763
HPdes Security Advisory: SSRT100826
http://www.mandriva.com/security/advisories?name=MDVSA-2010:239
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12489
http://www.securitytracker.com/id?1024761
http://www.vupen.com/english/advisories/2010/3027
XForce ISS Database: php-phpimapc-dos(63390)
https://exchange.xforce.ibmcloud.com/vulnerabilities/63390
Common Vulnerability Exposure (CVE) ID: CVE-2010-4697
BugTraq ID: 45952
http://www.securityfocus.com/bid/45952
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12528
XForce ISS Database: php-zendengine-code-execution(65310)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65310
Common Vulnerability Exposure (CVE) ID: CVE-2010-4698
BugTraq ID: 45338
http://www.securityfocus.com/bid/45338
http://seclists.org/fulldisclosure/2010/Dec/180
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11939
Common Vulnerability Exposure (CVE) ID: CVE-2011-0752
http://www.openwall.com/lists/oss-security/2010/12/13/4
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12016
XForce ISS Database: php-extract-security-bypass(65432)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65432

Copyright Copyright (C) 2012 NopSec Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.110066
Categoría:	Web application abuses
Título:	PHP 5.2 < 5.2.15 Multiple Vulnerabilities
Resumen:	PHP is prone to multiple vulnerabilities.
Descripción:	Summary: PHP is prone to multiple vulnerabilities. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3436 42729 http://secunia.com/advisories/42729 42812 http://secunia.com/advisories/42812 44723 http://www.securityfocus.com/bid/44723 ADV-2010-3313 http://www.vupen.com/english/advisories/2010/3313 ADV-2011-0077 http://www.vupen.com/english/advisories/2011/0077 APPLE-SA-2011-03-21-1 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html APPLE-SA-2011-10-12-3 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html MDVSA-2010:218 http://www.mandriva.com/security/advisories?name=MDVSA-2010:218 SSA:2010-357-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619 USN-1042-1 http://www.ubuntu.com/usn/USN-1042-1 http://security-tracker.debian.org/tracker/CVE-2010-3436 http://support.apple.com/kb/HT4581 http://support.apple.com/kb/HT5002 http://svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.c?r1=303824&r2=303823&pathrev=303824 http://svn.php.net/viewvc?view=revision&revision=303824 http://www.php.net/ChangeLog-5.php http://www.php.net/archive/2010.php#id2010-12-10-1 http://www.php.net/releases/5_2_15.php http://www.php.net/releases/5_3_4.php Common Vulnerability Exposure (CVE) ID: CVE-2010-3709 1024690 http://www.securitytracker.com/id?1024690 15431 http://www.exploit-db.com/exploits/15431 20101105 PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference http://securityreason.com/achievement_securityalert/90 44718 http://www.securityfocus.com/bid/44718 ADV-2011-0020 http://www.vupen.com/english/advisories/2011/0020 ADV-2011-0021 http://www.vupen.com/english/advisories/2011/0021 FEDORA-2010-18976 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html FEDORA-2010-19011 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 RHSA-2011:0195 http://www.redhat.com/support/errata/RHSA-2011-0195.html SSRT100409 SSRT100826 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.c?view=log http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log Common Vulnerability Exposure (CVE) ID: CVE-2010-4150 BugTraq ID: 44980 http://www.securityfocus.com/bid/44980 HPdes Security Advisory: HPSBOV02763 HPdes Security Advisory: SSRT100826 http://www.mandriva.com/security/advisories?name=MDVSA-2010:239 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12489 http://www.securitytracker.com/id?1024761 http://www.vupen.com/english/advisories/2010/3027 XForce ISS Database: php-phpimapc-dos(63390) https://exchange.xforce.ibmcloud.com/vulnerabilities/63390 Common Vulnerability Exposure (CVE) ID: CVE-2010-4697 BugTraq ID: 45952 http://www.securityfocus.com/bid/45952 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12528 XForce ISS Database: php-zendengine-code-execution(65310) https://exchange.xforce.ibmcloud.com/vulnerabilities/65310 Common Vulnerability Exposure (CVE) ID: CVE-2010-4698 BugTraq ID: 45338 http://www.securityfocus.com/bid/45338 http://seclists.org/fulldisclosure/2010/Dec/180 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11939 Common Vulnerability Exposure (CVE) ID: CVE-2011-0752 http://www.openwall.com/lists/oss-security/2010/12/13/4 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12016 XForce ISS Database: php-extract-security-bypass(65432) https://exchange.xforce.ibmcloud.com/vulnerabilities/65432
Copyright	Copyright (C) 2012 NopSec Inc.