Web application abuses : PHP 7.x < 7.0.4 Multiple Vulnerabilities (Jul 2016)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.808600

Categoría: Web application abuses

Título: PHP 7.x < 7.0.4 Multiple Vulnerabilities (Jul 2016) - Windows

Resumen: PHP is prone to multiple vulnerabilities.

Descripción: Summary:
PHP is prone to multiple vulnerabilities.

Vulnerability Insight:
The following flaws exist:

- An integer overflow in the 'str_pad' function in 'ext/standard/string.c' script.

- An integer overflow in the 'xml_utf8_encode' function in 'ext/xml/xml.c' script.

- An integer overflow in the 'php_filter_encode_url' function in 'ext/filter/sanitizing_filters.c'
script.

Vulnerability Impact:
Successfully exploiting this issue allow remote attackers to
cause a denial of service or possibly have unspecified other impact.

Affected Software/OS:
PHP versions 7.0.x prior to 7.0.4 on Windows.

Solution:
Update to version 7.0.4 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-4344
http://www.openwall.com/lists/oss-security/2016/04/28/2
Common Vulnerability Exposure (CVE) ID: CVE-2016-4345
Common Vulnerability Exposure (CVE) ID: CVE-2016-4346
SuSE Security Announcement: openSUSE-SU-2016:1357 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html
SuSE Security Announcement: openSUSE-SU-2016:1524 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.808600
Categoría:	Web application abuses
Título:	PHP 7.x < 7.0.4 Multiple Vulnerabilities (Jul 2016) - Windows
Resumen:	PHP is prone to multiple vulnerabilities.
Descripción:	Summary: PHP is prone to multiple vulnerabilities. Vulnerability Insight: The following flaws exist: - An integer overflow in the 'str_pad' function in 'ext/standard/string.c' script. - An integer overflow in the 'xml_utf8_encode' function in 'ext/xml/xml.c' script. - An integer overflow in the 'php_filter_encode_url' function in 'ext/filter/sanitizing_filters.c' script. Vulnerability Impact: Successfully exploiting this issue allow remote attackers to cause a denial of service or possibly have unspecified other impact. Affected Software/OS: PHP versions 7.0.x prior to 7.0.4 on Windows. Solution: Update to version 7.0.4 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4344 http://www.openwall.com/lists/oss-security/2016/04/28/2 Common Vulnerability Exposure (CVE) ID: CVE-2016-4345 Common Vulnerability Exposure (CVE) ID: CVE-2016-4346 SuSE Security Announcement: openSUSE-SU-2016:1357 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html SuSE Security Announcement: openSUSE-SU-2016:1524 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html
Copyright	Copyright (C) 2016 Greenbone AG