|Category:||Debian Local Security Checks|
|Title:||Debian LTS: Security Advisory for php5 (DLA-2188-1)|
|Summary:||The remote host is missing an update for the 'php5'; package(s) announced via the DLA-2188-1 advisory.|
The remote host is missing an update for the 'php5'
package(s) announced via the DLA-2188-1 advisory.
Three issues have been found in php5, a server-side, HTML-embedded
A one byte out-of-bounds read, which could potentially lead to
information disclosure or crash.
An URL containing zero (\0) character will be truncated at it, which
may cause some software to make incorrect assumptions and possibly
send some information to a wrong server.
Using a malformed url-encoded string an Out-of-Bounds read can occur.
'php5' package(s) on Debian Linux.
For Debian 8 'Jessie', these problems have been fixed in version
We recommend that you upgrade your php5 packages.
Common Vulnerability Exposure (CVE) ID: CVE-2020-7064|
Debian Security Information: DSA-4717 (Google Search)
Debian Security Information: DSA-4719 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0642 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-7066
Common Vulnerability Exposure (CVE) ID: CVE-2020-7067
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.