Test ID:	1.3.6.1.4.1.25623.1.0.804291
Category:	Web application abuses
Title:	PHP Multiple Vulnerabilities - 01 (May 2014)
Summary:	PHP is prone to multiple vulnerabilities.
Description:	Summary: PHP is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Integer overflow in the 'gdImageCrop' function within ext/gd/gd.c script. - Improper data types check as using string or array data type in place of a numeric data type within ext/gd/gd.c script. - Multiple integer signedness errors in the 'gdImageCrop' function within ext/gd/gd.c script. - Some NULL pointer dereference errors related to the 'imagecrop' function implementation. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct denial of service, gain sensitive information and have some other unspecified impacts. Affected Software/OS: PHP version 5.5.x before 5.5.9 Solution: Update to PHP version 5.5.9 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-7226 BugTraq ID: 65533 http://www.securityfocus.com/bid/65533 http://www.mandriva.com/security/advisories?name=MDVSA-2014:027 http://www.securitytracker.com/id/1029767 http://secunia.com/advisories/56829 http://www.ubuntu.com/usn/USN-2126-1 XForce ISS Database: php-cve20137226-bo(91099) https://exchange.xforce.ibmcloud.com/vulnerabilities/91099 Common Vulnerability Exposure (CVE) ID: CVE-2013-7327 Common Vulnerability Exposure (CVE) ID: CVE-2013-7328 Common Vulnerability Exposure (CVE) ID: CVE-2014-2020
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.