
Test ID: 1.3.6.1.4.1.25623.1.0.811481
Category: Web application abuses
Title: PHP Multiple Vulnerabilities - Jul17 (Windows)
Summary: PHP is prone to multiple vulnerabilities.
Description: Summary:
PHP is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An ext/date/lib/parse_date.c out-of-bounds read affecting the php_parse_date
function.

- The openssl extension PEM sealing code did not check the return value of the
OpenSSL sealing function.

- Lack of bounds checks in the date extension's timelib_meridian parsing code.

- A stack-based buffer overflow in the zend_ini_do_op() function in
'Zend/zend_ini_parser.c' script.

- The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD
Graphics Library (aka libgd) does not zero colorMap arrays before use.

Vulnerability Impact:
Successful exploitation of these issues allows
remote attackers to leak information from the interpreter, crash the PHP
interpreter and also disclose sensitive information.

Affected Software/OS:
PHP versions before 5.6.31, 7.x before 7.0.21,
and 7.1.x before 7.1.7

Solution:
Update to PHP version 5.6.31, 7.0.21, 7.1.7,
or later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-reference: BugTraq ID: 99492
BugTraq ID: 99550
BugTraq ID: 99605
BugTraq ID: 99612
BugTraq ID: 99489
Common Vulnerability Exposure (CVE) ID: CVE-2017-7890
http://www.securityfocus.com/bid/99492
Debian Security Information: DSA-3938
http://www.debian.org/security/2017/dsa-3938
RedHat Security Advisories: RHSA-2018:0406
https://access.redhat.com/errata/RHSA-2018:0406
RedHat Security Advisories: RHSA-2018:1296
https://access.redhat.com/errata/RHSA-2018:1296
Copyright: Copyright (C) 2017 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.