Test ID:	1.3.6.1.4.1.25623.1.0.110066
Category:	Web application abuses
Title:	PHP 5.2 < 5.2.15
Summary:	Checks version of PHP
Description:	PHP 5.2 < 5.2.15 suffers multiple vulnerabilities such as crash in the zip extract method, NULL pointer dereference and stack-based buffer overfLow. Upgrade to PHP version 5.2.15 or later.
Cross-Ref:	BugTraq ID: 44718 BugTraq ID: 44723 BugTraq ID: 45335 BugTraq ID: 45952 BugTraq ID: 46448 Common Vulnerability Exposure (CVE) ID: CVE-2010-3436 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:218 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619 http://www.ubuntu.com/usn/USN-1042-1 http://www.securityfocus.com/bid/44723 http://secunia.com/advisories/42729 http://secunia.com/advisories/42812 http://www.vupen.com/english/advisories/2010/3313 http://www.vupen.com/english/advisories/2011/0077 Common Vulnerability Exposure (CVE) ID: CVE-2010-3709 http://securityreason.com/achievement_securityalert/90 http://www.exploit-db.com/exploits/15431 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html HPdes Security Advisory: HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 HPdes Security Advisory: SSRT100409 http://www.redhat.com/support/errata/RHSA-2011-0195.html http://www.securityfocus.com/bid/44718 http://www.securitytracker.com/id?1024690 http://www.vupen.com/english/advisories/2011/0020 http://www.vupen.com/english/advisories/2011/0021 Common Vulnerability Exposure (CVE) ID: CVE-2010-4150 http://www.mandriva.com/security/advisories?name=MDVSA-2010:239 BugTraq ID: 44980 http://www.securityfocus.com/bid/44980 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12489 http://www.securitytracker.com/id?1024761 http://www.vupen.com/english/advisories/2010/3027 XForce ISS Database: php-phpimapc-dos(63390) http://xforce.iss.net/xforce/xfdb/63390 Common Vulnerability Exposure (CVE) ID: CVE-2010-4697 http://www.securityfocus.com/bid/45952 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12528 XForce ISS Database: php-zendengine-code-execution(65310) http://xforce.iss.net/xforce/xfdb/65310 Common Vulnerability Exposure (CVE) ID: CVE-2010-4698 http://seclists.org/fulldisclosure/2010/Dec/180 BugTraq ID: 45338 http://www.securityfocus.com/bid/45338 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11939 Common Vulnerability Exposure (CVE) ID: CVE-2011-0752 http://www.openwall.com/lists/oss-security/2010/12/13/4 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12016 XForce ISS Database: php-extract-security-bypass(65432) http://xforce.iss.net/xforce/xfdb/65432
Copyright	Copyright NopSec Inc. 2012

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: