 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.809316 |
| Categoría: | Web application abuses |
| Título: | PHP < 5.6.26, 7.x < 7.0.11 Multiple Vulnerabilities (Sep 2016) - Windows |
| Resumen: | PHP is prone to multiple vulnerabilities. |
| Descripción: | Summary: PHP is prone to multiple vulnerabilities. Vulnerability Insight: The following flaws exist: - Use-after-free vulnerability in the 'wddx_stack_destroy' function in 'ext/wddx/wddx.c' script. - Improper verification of a BIT field has the UNSIGNED_FLAG flag in 'ext/mysqlnd/mysqlnd_wireprotocol.c' script. - The ZIP signature-verification feature does not ensure that the uncompressed_filesize field is large enough. - The script 'ext/spl/spl_array.c' proceeds with SplArray unserialization without validating a return value and data type. - The script 'ext/intl/msgformat/msgformat_format.c' does not properly restrict the locale length provided to the Locale class in the ICU library. - An error in the php_wddx_push_element function in ext/wddx/wddx.c. Vulnerability Impact: Successfully exploiting this issue allow remote attackers to cause a denial of service, or possibly have unspecified other impact. Affected Software/OS: PHP prior to version 5.6.26 and 7.x prior to 7.0.11 on Windows. Solution: Update to version 5.6.26, 7.0.11 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-7412 BugTraq ID: 93005 http://www.securityfocus.com/bid/93005 https://security.gentoo.org/glsa/201611-22 http://www.openwall.com/lists/oss-security/2016/09/15/10 RedHat Security Advisories: RHSA-2018:1296 https://access.redhat.com/errata/RHSA-2018:1296 http://www.securitytracker.com/id/1036836 Common Vulnerability Exposure (CVE) ID: CVE-2016-7413 BugTraq ID: 93006 http://www.securityfocus.com/bid/93006 Common Vulnerability Exposure (CVE) ID: CVE-2016-7414 BugTraq ID: 93004 http://www.securityfocus.com/bid/93004 Common Vulnerability Exposure (CVE) ID: CVE-2016-7416 BugTraq ID: 93008 http://www.securityfocus.com/bid/93008 Common Vulnerability Exposure (CVE) ID: CVE-2016-7417 BugTraq ID: 93007 http://www.securityfocus.com/bid/93007 Common Vulnerability Exposure (CVE) ID: CVE-2016-7418 BugTraq ID: 93011 http://www.securityfocus.com/bid/93011 |
| Copyright | Copyright (C) 2016 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |