Test ID:	1.3.6.1.4.1.25623.1.0.808610
Category:	Denial of Service
Title:	PHP < 5.6.12 Multiple DoS Vulnerabilities - Windows
Summary:	PHP is prone to multiple denial of service (DoS); vulnerabilities.
Description:	Summary: PHP is prone to multiple denial of service (DoS) vulnerabilities. Vulnerability Insight: The following flaws exist: - Improper handling of driver behavior for SQL_WVARCHAR columns in the 'odbc_bindcols function' in 'ext/odbc/php_odbc.c' script. - The 'gdImageScaleTwoPass' function in gd_interpolation.c script in the GD Graphics Library uses inconsistent allocate and free approaches. Vulnerability Impact: Successfully exploiting these issues allow remote attackers to cause a denial of service (application crash or memory consuption). Affected Software/OS: PHP prior to version 5.6.12 on Windows. Solution: Update to version 5.6.12 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8874 Debian Security Information: DSA-3587 (Google Search) http://www.debian.org/security/2016/dsa-3587 RedHat Security Advisories: RHSA-2016:2750 http://rhn.redhat.com/errata/RHSA-2016-2750.html SuSE Security Announcement: openSUSE-SU-2016:1524 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://www.ubuntu.com/usn/USN-2987-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-8877 Common Vulnerability Exposure (CVE) ID: CVE-2015-8879
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.