Web application abuses : PHP < 5.4.44, 5.5.x < 5.5.28, 5.6.x < 5.6.12 Multiple Vulnerabilities (Jul 2016)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.808605
Categoría:	Web application abuses
Título:	PHP < 5.4.44, 5.5.x < 5.5.28, 5.6.x < 5.6.12 Multiple Vulnerabilities (Jul 2016) - Windows
Resumen:	PHP is prone to multiple vulnerabilities.
Descripción:	Summary: PHP is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An improper validation of certain Exception objects in 'Zend/zend_exceptions.c' script. - The 'openssl_random_pseudo_bytes' function in 'ext/openssl/openssl.c' incorrectly relies on the deprecated 'RAND_pseudo_bytes' function. Vulnerability Impact: Successfully exploiting this issue allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution to defeat cryptographic protection mechanisms. Affected Software/OS: PHP prior to version 5.4.44, 5.5.x prior to 5.5.28 and 5.6.x prior to 5.6.12 on Windows. Solution: Update to version 5.4.44, 5.5.28, 5.6.12 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8835 BugTraq ID: 84426 http://www.securityfocus.com/bid/84426 RedHat Security Advisories: RHSA-2016:2750 http://rhn.redhat.com/errata/RHSA-2016-2750.html SuSE Security Announcement: SUSE-SU-2016:1145 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html SuSE Security Announcement: SUSE-SU-2016:1166 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html SuSE Security Announcement: openSUSE-SU-2016:1167 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html SuSE Security Announcement: openSUSE-SU-2016:1173 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html http://www.ubuntu.com/usn/USN-2952-1 http://www.ubuntu.com/usn/USN-2952-2 Common Vulnerability Exposure (CVE) ID: CVE-2015-8867 http://www.openwall.com/lists/oss-security/2016/04/24/1 SuSE Security Announcement: SUSE-SU-2016:1277 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00033.html SuSE Security Announcement: openSUSE-SU-2016:1274 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html SuSE Security Announcement: openSUSE-SU-2016:1373 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00056.html Common Vulnerability Exposure (CVE) ID: CVE-2015-8873 SuSE Security Announcement: openSUSE-SU-2016:1524 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html Common Vulnerability Exposure (CVE) ID: CVE-2015-8876
Copyright	Copyright (C) 2016 Greenbone AG