Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702974
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2974-1 (php5 - security update)
Summary:Several vulnerabilities were found in PHP, a general-purpose scripting;language commonly used for web application development. The Common;Vulnerabilities and Exposures project identifies the following problems:;;CVE-2014-0207;Francisco Alonso of the Red Hat Security Response Team reported an;incorrect boundary check in the cdf_read_short_sector() function.;;CVE-2014-3478;Francisco Alonso of the Red Hat Security Response Team discovered a;flaw in the way the truncated pascal string size in the mconvert();function is computed.;;CVE-2014-3479;Francisco Alonso of the Red Hat Security Response Team reported an;incorrect boundary check in the cdf_check_stream_offset() function.;;CVE-2014-3480;Francisco Alonso of the Red Hat Security Response Team reported an;insufficient boundary check in the cdf_count_chain() function.;;CVE-2014-3487;Francisco Alonso of the Red Hat Security Response Team discovered an;incorrect boundary check in the cdf_read_property_info() function.;;CVE-2014-3515;Stefan Esser discovered that the ArrayObject and the;SPLObjectStorage unserialize() handler do not verify the type of;unserialized data before using it. A remote attacker could use this;flaw to execute arbitrary code.;;CVE-2014-4721;Stefan Esser discovered a type confusion issue affecting phpinfo(),;which might allow an attacker to obtain sensitive information from;process memory.
Description:Summary:
Several vulnerabilities were found in PHP, a general-purpose scripting
language commonly used for web application development. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2014-0207
Francisco Alonso of the Red Hat Security Response Team reported an
incorrect boundary check in the cdf_read_short_sector() function.

CVE-2014-3478
Francisco Alonso of the Red Hat Security Response Team discovered a
flaw in the way the truncated pascal string size in the mconvert()
function is computed.

CVE-2014-3479
Francisco Alonso of the Red Hat Security Response Team reported an
incorrect boundary check in the cdf_check_stream_offset() function.

CVE-2014-3480
Francisco Alonso of the Red Hat Security Response Team reported an
insufficient boundary check in the cdf_count_chain() function.

CVE-2014-3487
Francisco Alonso of the Red Hat Security Response Team discovered an
incorrect boundary check in the cdf_read_property_info() function.

CVE-2014-3515
Stefan Esser discovered that the ArrayObject and the
SPLObjectStorage unserialize() handler do not verify the type of
unserialized data before using it. A remote attacker could use this
flaw to execute arbitrary code.

CVE-2014-4721
Stefan Esser discovered a type confusion issue affecting phpinfo(),
which might allow an attacker to obtain sensitive information from
process memory.

Affected Software/OS:
php5 on Debian Linux

Solution:
For the stable distribution (wheezy), these problems have been fixed in
version 5.4.4-14+deb7u12. In addition, this update contains several
bugfixes originally targeted for the upcoming Wheezy point release.

For the testing distribution (jessie), these problems have been fixed in
version 5.6.0~
rc2+dfsg-1.

For the unstable distribution (sid), these problems have been fixed in
version 5.6.0~
rc2+dfsg-1.

We recommend that you upgrade your php5 packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0207
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
BugTraq ID: 68243
http://www.securityfocus.com/bid/68243
Debian Security Information: DSA-2974 (Google Search)
http://www.debian.org/security/2014/dsa-2974
Debian Security Information: DSA-3021 (Google Search)
http://www.debian.org/security/2014/dsa-3021
HPdes Security Advisory: HPSBUX03102
http://marc.info/?l=bugtraq&m=141017844705317&w=2
HPdes Security Advisory: SSRT101681
http://mx.gw.com/pipermail/file/2014/001553.html
RedHat Security Advisories: RHSA-2014:1765
http://rhn.redhat.com/errata/RHSA-2014-1765.html
RedHat Security Advisories: RHSA-2014:1766
http://rhn.redhat.com/errata/RHSA-2014-1766.html
http://secunia.com/advisories/59794
http://secunia.com/advisories/59831
SuSE Security Announcement: openSUSE-SU-2014:1236 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3478
BugTraq ID: 68239
http://www.securityfocus.com/bid/68239
RedHat Security Advisories: RHSA-2014:1327
http://rhn.redhat.com/errata/RHSA-2014-1327.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3479
BugTraq ID: 68241
http://www.securityfocus.com/bid/68241
Common Vulnerability Exposure (CVE) ID: CVE-2014-3480
BugTraq ID: 68238
http://www.securityfocus.com/bid/68238
Common Vulnerability Exposure (CVE) ID: CVE-2014-3487
BugTraq ID: 68120
http://www.securityfocus.com/bid/68120
Common Vulnerability Exposure (CVE) ID: CVE-2014-3515
BugTraq ID: 68237
http://www.securityfocus.com/bid/68237
http://secunia.com/advisories/60998
Common Vulnerability Exposure (CVE) ID: CVE-2014-4721
http://twitter.com/mikispag/statuses/485713462258302976
https://www.sektioneins.de/en/blog/14-07-04-phpinfo-infoleak.html
http://secunia.com/advisories/54553
SuSE Security Announcement: openSUSE-SU-2014:0945 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-07/msg00035.html
CopyrightCopyright (c) 2014 Greenbone Networks GmbH http://greenbone.net

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.