Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Debian Local Security Checks
Title:Debian LTS: Security Advisory for php5 (DLA-2188-1)
Summary:The remote host is missing an update for the 'php5'; package(s) announced via the DLA-2188-1 advisory.
The remote host is missing an update for the 'php5'
package(s) announced via the DLA-2188-1 advisory.

Vulnerability Insight:
Three issues have been found in php5, a server-side, HTML-embedded
scripting language.

A one byte out-of-bounds read, which could potentially lead to
information disclosure or crash.

An URL containing zero (\0) character will be truncated at it, which
may cause some software to make incorrect assumptions and possibly
send some information to a wrong server.

Using a malformed url-encoded string an Out-of-Bounds read can occur.

Affected Software/OS:
'php5' package(s) on Debian Linux.

For Debian 8 'Jessie', these problems have been fixed in version

We recommend that you upgrade your php5 packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-7064
Debian Security Information: DSA-4717 (Google Search)
Debian Security Information: DSA-4719 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0642 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-7066
Common Vulnerability Exposure (CVE) ID: CVE-2020-7067
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2020 E-Soft Inc. All rights reserved.