PHP Multiple Vulnerabilities

Posted on Tuesday, August 12, 2008 @ 19:55:28 PDT in Security
by Raven

SECUNIA ADVISORY ID: SA31409

VERIFY ADVISORY: http://secunia.com/advisories/31409/

CRITICAL: Moderately critical

IMPACT: Unknown, Exposure of sensitive information, DoS, System access

SOFTWARE: PHP 4.4.x - http://secunia.com/product/5768/

DESCRIPTION: Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.


1) Some vulnerabilities in PCRE can potentially be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or compromise an application using the library. For more information: SA27543 SA28923

2) An unspecified error in "imageloadfont" can cause a crash via an invalid font.

3) An unspecified error related to the "open_basedir" handling exists in the "curl" extension.

SOLUTION: Update to version 4.4.9 or higher.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: PHP: http://www.php.net/ChangeLog-4.php#4.4.9

OTHER REFERENCES:
SA27543: http://secunia.com/advisories/27543/
SA28923: http://secunia.com/advisories/28923/
 
 
click Related        click Share
 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 361,698,100
  • Today: 18,335
Server InfoServer Info
  • Jul 17, 2018
  • 04:45 am PDT
 
 

Daily Inspiration