Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51994
Category:CGI abuses
Title:PHP Image File Format Remote Denial Of Service
Summary:NOSUMMARY
Description:Description:

The remote host is running a version of PHP older than 4.3.11,
or older than 5.0.4. These versions are vulnerable to several
denial of service vulnerabilities dealing with image handling.
The problems can be triggered in environments where 'getimagesize'
is invoked on user-supplied images.

Solution : Upgrade to PHP 5.0.4/4.3.11 or later.
Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: BugTraq ID: 12962
BugTraq ID: 12963
Common Vulnerability Exposure (CVE) ID: CVE-2005-0524
http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html
http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml
http://www.securityfocus.com/archive/1/394797
http://www.mandriva.com/security/advisories?name=MDKSA-2005:072
http://www.osvdb.org/15183
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9310
http://www.redhat.com/support/errata/RHSA-2005-405.html
http://www.redhat.com/support/errata/RHSA-2005-406.html
http://securitytracker.com/id?1013619
http://secunia.com/advisories/14792
SuSE Security Announcement: SUSE-SA:2005:023 (Google Search)
http://www.vupen.com/english/advisories/2005/0305
XForce ISS Database: php-phphandleiff-dos(19920)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19920
Common Vulnerability Exposure (CVE) ID: CVE-2005-0525
Debian Security Information: DSA-708 (Google Search)
http://www.debian.org/security/2005/dsa-708
Debian Security Information: DSA-729 (Google Search)
http://www.debian.org/security/2005/dsa-729
http://www.osvdb.org/15184
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11703
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.