Web application abuses : PHP Multiple Vulnerabilities - 03 (Aug 2016)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.808792

Category: Web application abuses

Title: PHP Multiple Vulnerabilities - 03 (Aug 2016) - Linux

Summary: PHP is prone to multiple vulnerabilities.

Description: Summary:
PHP is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An integer overflow in the fread function in 'ext/standard/file.c' script.

- An integer overflow in the php_html_entities function in
'ext/standard/html.c' script.

- An Integer overflow in the php_escape_html_entities_ex function in
'ext/standard/html.c' script.

Vulnerability Impact:
Successfully exploiting this issue allow
remote attackers to cause a denial of service or possibly have unspecified
other impact.

Affected Software/OS:
PHP versions prior to 5.5.36 and 5.6.x
before 5.6.22 on Linux

Solution:
Update to PHP version 5.5.36, or 5.6.22,
or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-5096
BugTraq ID: 90861
http://www.securityfocus.com/bid/90861
Debian Security Information: DSA-3602 (Google Search)
http://www.debian.org/security/2016/dsa-3602
http://www.openwall.com/lists/oss-security/2016/05/26/3
RedHat Security Advisories: RHSA-2016:2750
http://rhn.redhat.com/errata/RHSA-2016-2750.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5094
BugTraq ID: 90857
http://www.securityfocus.com/bid/90857
Common Vulnerability Exposure (CVE) ID: CVE-2016-5095
BugTraq ID: 92144
http://www.securityfocus.com/bid/92144

Copyright Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.808792
Category:	Web application abuses
Title:	PHP Multiple Vulnerabilities - 03 (Aug 2016) - Linux
Summary:	PHP is prone to multiple vulnerabilities.
Description:	Summary: PHP is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An integer overflow in the fread function in 'ext/standard/file.c' script. - An integer overflow in the php_html_entities function in 'ext/standard/html.c' script. - An Integer overflow in the php_escape_html_entities_ex function in 'ext/standard/html.c' script. Vulnerability Impact: Successfully exploiting this issue allow remote attackers to cause a denial of service or possibly have unspecified other impact. Affected Software/OS: PHP versions prior to 5.5.36 and 5.6.x before 5.6.22 on Linux Solution: Update to PHP version 5.5.36, or 5.6.22, or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5096 BugTraq ID: 90861 http://www.securityfocus.com/bid/90861 Debian Security Information: DSA-3602 (Google Search) http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/26/3 RedHat Security Advisories: RHSA-2016:2750 http://rhn.redhat.com/errata/RHSA-2016-2750.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5094 BugTraq ID: 90857 http://www.securityfocus.com/bid/90857 Common Vulnerability Exposure (CVE) ID: CVE-2016-5095 BugTraq ID: 92144 http://www.securityfocus.com/bid/92144
Copyright	Copyright (C) 2016 Greenbone AG