Test Kennung:	1.3.6.1.4.1.25623.1.0.68820
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: php5
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: php5 php52 CVE-2010-4645 strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4645 42812 http://secunia.com/advisories/42812 42843 http://secunia.com/advisories/42843 43051 http://secunia.com/advisories/43051 43189 http://secunia.com/advisories/43189 45668 http://www.securityfocus.com/bid/45668 ADV-2011-0060 http://www.vupen.com/english/advisories/2011/0060 ADV-2011-0066 http://www.vupen.com/english/advisories/2011/0066 ADV-2011-0077 http://www.vupen.com/english/advisories/2011/0077 ADV-2011-0198 http://www.vupen.com/english/advisories/2011/0198 APPLE-SA-2011-10-12-3 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html FEDORA-2011-0321 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html FEDORA-2011-0329 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html HPSBMU02752 http://marc.info/?l=bugtraq&m=133226187115472&w=2 HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 RHSA-2011:0195 http://www.redhat.com/support/errata/RHSA-2011-0195.html RHSA-2011:0196 http://www.redhat.com/support/errata/RHSA-2011-0196.html SSA:2011-010-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.484686 SSRT100802 SSRT100826 USN-1042-1 http://www.ubuntu.com/usn/USN-1042-1 [oss-security] 20110105 Re: possible flaw in widely used strtod.c implementation http://www.openwall.com/lists/oss-security/2011/01/05/8 [oss-security] 20110105 possible flaw in widely used strtod.c implementation http://www.openwall.com/lists/oss-security/2011/01/05/2 [oss-security] 20110106 Re: possible flaw in widely used strtod.c implementation http://www.openwall.com/lists/oss-security/2011/01/06/5 http://bugs.php.net/53632 http://hal.archives-ouvertes.fr/docs/00/28/14/29/PDF/floating-point-article.pdf http://support.apple.com/kb/HT5002 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/Zend/zend_strtod.c?r1=266327&r2=307095&pathrev=307095 http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/ php-zendstrtod-dos(64470) https://exchange.xforce.ibmcloud.com/vulnerabilities/64470 http://www.openwall.com/lists/oss-security/2023/05/14/3
Copyright	Copyright (C) 2011 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.