Test ID: 1.3.6.1.4.1.25623.1.0.142131
Category: Web application abuses
Title: PHP Multiple Vulnerabilities - Mar19 (Linux)
Summary: PHP is prone to multiple vulnerabilities.
Description:
Summary:
PHP is prone to multiple vulnerabilities.

Vulnerability Insight:
PHP is prone to multiple vulnerabilities:

- Due to the way rename() across filesystems is implemented, the file being renamed can be briefly
available with the wrong permissions while the rename is ongoing, enabling unauthorized users to access the
data. (CVE-2019-9637)

- Uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset
relationship to value_len (CVE-2019-9638)

- Uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable
(CVE-2019-9639)

- Invalid Read in exif_process_SOFn (CVE-2019-9640)

- Uninitialized read in exif_process_IFD_in_TIFF (CVE-2019-9641)

Affected Software/OS:
PHP version 7.x before 7.1.27, 7.2.x before 7.2.16 and 7.3.x before 7.3.3.

Solution:
Update to version 7.1.27, 7.2.16, 7.3.3 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2019-9637
Debian Security Information: DSA-4403
https://www.debian.org/security/2019/dsa-4403
https://bugs.php.net/bug.php?id=77630
https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html
RedHat Security Advisories: RHSA-2019:2519
https://access.redhat.com/errata/RHSA-2019:2519
RedHat Security Advisories: RHSA-2019:3299
https://access.redhat.com/errata/RHSA-2019:3299
SuSE Security Announcement: openSUSE-SU-2019:1293
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html
SuSE Security Announcement: openSUSE-SU-2019:1503
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html
SuSE Security Announcement: openSUSE-SU-2019:1572
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
SuSE Security Announcement: openSUSE-SU-2019:1573
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
https://usn.ubuntu.com/3922-1/
https://usn.ubuntu.com/3922-2/
https://usn.ubuntu.com/3922-3/
Common Vulnerability Exposure (CVE) ID: CVE-2019-9638
https://bugs.php.net/bug.php?id=77563
Common Vulnerability Exposure (CVE) ID: CVE-2019-9639
https://bugs.php.net/bug.php?id=77659
Common Vulnerability Exposure (CVE) ID: CVE-2019-9640
https://bugs.php.net/bug.php?id=77540
Common Vulnerability Exposure (CVE) ID: CVE-2019-9641
https://bugs.php.net/bug.php?id=77509
SuSE Security Announcement: openSUSE-SU-2019:1256
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html
Copyright: Copyright (C) 2019 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.