ID de Prueba:	1.3.6.1.4.1.25623.1.0.804291
Categoría:	Web application abuses
Título:	PHP 5.5.x < 5.5.9 Multiple Vulnerabilities (May 2014)
Resumen:	PHP is prone to multiple vulnerabilities.
Descripción:	Summary: PHP is prone to multiple vulnerabilities. Vulnerability Insight: The following flaws exist: - CVE-2013-7226: Integer overflow in the 'gdImageCrop' function within ext/gd/gd.c script. - CVE-2013-7327: Improper data types check as using string or array data type in place of a numeric data type within ext/gd/gd.c script. - CVE-2013-7328: Multiple integer signedness errors in the 'gdImageCrop' function within ext/gd/gd.c script. - CVE-2014-2020: NULL pointer dereference errors related to the 'imagecrop' function implementation. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct denial of service, gain sensitive information and have some other unspecified impacts. Affected Software/OS: PHP version 5.5.x prior to 5.5.9. Solution: Update to version 5.5.9 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-7226 BugTraq ID: 65533 http://www.securityfocus.com/bid/65533 http://www.mandriva.com/security/advisories?name=MDVSA-2014:027 http://www.securitytracker.com/id/1029767 http://secunia.com/advisories/56829 http://www.ubuntu.com/usn/USN-2126-1 XForce ISS Database: php-cve20137226-bo(91099) https://exchange.xforce.ibmcloud.com/vulnerabilities/91099 Common Vulnerability Exposure (CVE) ID: CVE-2013-7327 Common Vulnerability Exposure (CVE) ID: CVE-2013-7328 Common Vulnerability Exposure (CVE) ID: CVE-2014-2020
Copyright	Copyright (C) 2014 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.