Test ID:	1.3.6.1.4.1.25623.1.0.882798
Category:	CentOS Local Security Checks
Title:	CentOS Update for php CESA-2017:3221 centos7
Summary:	Check the version of php
Description:	Summary: Check the version of php Vulnerability Insight: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * A null pointer dereference flaw was found in libgd. An attacker could use a specially-crafted .gd2 file to cause an application linked with libgd to crash, leading to denial of service. (CVE-2016-10167) * An integer overflow flaw, leading to a heap-based buffer overflow was found in the way libgd read some specially-crafted gd2 files. A remote attacker could use this flaw to crash an application compiled with libgd or in certain cases execute arbitrary code with the privileges of the user running that application. (CVE-2016-10168) Affected Software/OS: php on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-10167 BugTraq ID: 95869 http://www.securityfocus.com/bid/95869 Debian Security Information: DSA-3777 (Google Search) http://www.debian.org/security/2017/dsa-3777 http://www.openwall.com/lists/oss-security/2017/01/26/1 http://www.openwall.com/lists/oss-security/2017/01/28/6 RedHat Security Advisories: RHSA-2017:3221 https://access.redhat.com/errata/RHSA-2017:3221 RedHat Security Advisories: RHSA-2018:1296 https://access.redhat.com/errata/RHSA-2018:1296 http://www.securitytracker.com/id/1037659 Common Vulnerability Exposure (CVE) ID: CVE-2016-10168
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.