FreeBSD Local Security Checks : FreeBSD Ports: php5-exif

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.69360

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: php5-exif

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: php5-exif

CVE-2011-0708
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms
performs an incorrect cast, which allows remote attackers to cause a
denial of service (application crash) via an image with a crafted
Image File Directory (IFD) that triggers a buffer over-read.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0708
16261
http://www.exploit-db.com/exploits/16261/
46365
http://www.securityfocus.com/bid/46365
8114
http://securityreason.com/securityalert/8114
ADV-2011-0744
http://www.vupen.com/english/advisories/2011/0744
ADV-2011-0764
http://www.vupen.com/english/advisories/2011/0764
ADV-2011-0890
http://www.vupen.com/english/advisories/2011/0890
APPLE-SA-2011-10-12-3
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
DSA-2266
http://www.debian.org/security/2011/dsa-2266
FEDORA-2011-3614
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html
FEDORA-2011-3636
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html
FEDORA-2011-3666
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html
HPSBOV02763
http://marc.info/?l=bugtraq&m=133469208622507&w=2
MDVSA-2011:052
http://www.mandriva.com/security/advisories?name=MDVSA-2011:052
MDVSA-2011:053
http://www.mandriva.com/security/advisories?name=MDVSA-2011:053
RHSA-2011:1423
http://www.redhat.com/support/errata/RHSA-2011-1423.html
RHSA-2012:0071
http://rhn.redhat.com/errata/RHSA-2012-0071.html
SSRT100826
[oss-security] 20110214 PHP Exif 64bit Casting Vulnerability, CVE request
http://openwall.com/lists/oss-security/2011/02/14/1
[oss-security] 20110216 Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request
http://openwall.com/lists/oss-security/2011/02/16/7
http://bugs.php.net/bug.php?id=54002
http://support.apple.com/kb/HT5002
http://svn.php.net/viewvc?view=revision&revision=308316
http://www.php.net/ChangeLog-5.php
http://www.php.net/archive/2011.php
http://www.php.net/releases/5_3_6.php
https://bugzilla.redhat.com/show_bug.cgi?id=680972

Copyright Copyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.69360
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: php5-exif
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: php5-exif CVE-2011-0708 exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0708 16261 http://www.exploit-db.com/exploits/16261/ 46365 http://www.securityfocus.com/bid/46365 8114 http://securityreason.com/securityalert/8114 ADV-2011-0744 http://www.vupen.com/english/advisories/2011/0744 ADV-2011-0764 http://www.vupen.com/english/advisories/2011/0764 ADV-2011-0890 http://www.vupen.com/english/advisories/2011/0890 APPLE-SA-2011-10-12-3 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html DSA-2266 http://www.debian.org/security/2011/dsa-2266 FEDORA-2011-3614 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html FEDORA-2011-3636 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html FEDORA-2011-3666 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 MDVSA-2011:052 http://www.mandriva.com/security/advisories?name=MDVSA-2011:052 MDVSA-2011:053 http://www.mandriva.com/security/advisories?name=MDVSA-2011:053 RHSA-2011:1423 http://www.redhat.com/support/errata/RHSA-2011-1423.html RHSA-2012:0071 http://rhn.redhat.com/errata/RHSA-2012-0071.html SSRT100826 [oss-security] 20110214 PHP Exif 64bit Casting Vulnerability, CVE request http://openwall.com/lists/oss-security/2011/02/14/1 [oss-security] 20110216 Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request http://openwall.com/lists/oss-security/2011/02/16/7 http://bugs.php.net/bug.php?id=54002 http://support.apple.com/kb/HT5002 http://svn.php.net/viewvc?view=revision&revision=308316 http://www.php.net/ChangeLog-5.php http://www.php.net/archive/2011.php http://www.php.net/releases/5_3_6.php https://bugzilla.redhat.com/show_bug.cgi?id=680972
Copyright	Copyright (C) 2011 E-Soft Inc.