| Description: | Description:
The remote host is missing an update to php
announced via advisory MDKSA-2007:090.
A heap-based buffer overflow vulnerability was found in PHP's gd
extension. A script that could be forced to process WBMP images
from an untrusted source could result in arbitrary code execution
(CVE-2007-1001).
A DoS flaw was found in how PHP processed a deeply nested array.
A remote attacker could cause the PHP intrerpreter to creash
by submitting an input variable with a deeply nested array
(CVE-2007-1285).
The internal filter module in PHP in certain instances did not properly
strip HTML tags, which allowed a remote attacker conduct cross-site
scripting (XSS) attacks (CVE-2007-1454).
A vulnerability in the way the mbstring extension set global variables
was discovered where a script using the mb_parse_str() function to
set global variables could be forced to to enable the register_globals
configuration option, possibly resulting in global variable injection
(CVE-2007-1583).
A vulnerability in how PHP's mail() function processed header data was
discovered. If a script sent mail using a subject header containing
a string from an untrusted source, a remote attacker could send bulk
email to unintended recipients (CVE-2007-1718).
Updated packages have been patched to correct these issues. Also note
that the default use of Suhosin helped to protect against some of
these issues prior to patching.
Affected: 2007.1
Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:090
Risk factor : High
CVSS Score:
7.8
|
