Test ID:	1.3.6.1.4.1.25623.1.0.805410
Category:	Web application abuses
Title:	PHP Multiple Buffer Overflow Vulnerabilities (Jan 2015)
Summary:	PHP is prone to denial of service and arbitrary code execution vulnerability.
Description:	Summary: PHP is prone to denial of service and arbitrary code execution vulnerability. Vulnerability Insight: Multiple flaws exist due to: - Improper validation of user supplied input passed to date_from_ISO8601() function in xmlrpc.c - including a timezone field in a date, leading to improper XML-RPC encoding. Vulnerability Impact: Successful exploitation will allow remote attackers to cause a denial of service or possibly execute arbitrary code. Affected Software/OS: PHP versions 5.2.x before 5.2.7 Solution: Update to PHP version 5.2.7 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8626 BugTraq ID: 70928 http://www.securityfocus.com/bid/70928 http://openwall.com/lists/oss-security/2014/11/06/3 RedHat Security Advisories: RHSA-2014:1824 http://rhn.redhat.com/errata/RHSA-2014-1824.html RedHat Security Advisories: RHSA-2014:1825 http://rhn.redhat.com/errata/RHSA-2014-1825.html
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.