Test ID:	1.3.6.1.4.1.25623.1.0.100595
Category:	Web application abuses
Title:	PHP Printf() Function 64bit Casting Multiple Format String Vulnerabilities
Summary:	PHP is prone to multiple format-string vulnerabilities due to; a design error when casting 64-bit variables to 32 bits.
Description:	Summary: PHP is prone to multiple format-string vulnerabilities due to a design error when casting 64-bit variables to 32 bits. Vulnerability Impact: Attackers may be able to exploit these issues to execute arbitrary code in the context of the webserver process or to cause denial-of-service conditions. Affected Software/OS: These issues affect PHP versions prior to 4.4.5 and 5.2.1 running on 64-bit computers. Solution: The vendor released versions 5.2.1 and 4.4.5 to address these issues. Please see the references for more information. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1884 BugTraq ID: 23219 http://www.securityfocus.com/bid/23219 HPdes Security Advisory: HPSBMA02215 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 HPdes Security Advisory: HPSBTU02232 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 HPdes Security Advisory: SSRT071423 HPdes Security Advisory: SSRT071429 http://www.php-security.org/MOPB/MOPB-38-2007.html http://www.osvdb.org/33955 http://www.osvdb.org/34767 http://secunia.com/advisories/25423 http://secunia.com/advisories/25850 http://www.vupen.com/english/advisories/2007/1991 http://www.vupen.com/english/advisories/2007/2374 XForce ISS Database: php-printf-format-string(33755) https://exchange.xforce.ibmcloud.com/vulnerabilities/33755
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.