- Home
- CVEs with nessus.description==Several vulnerabilities have been discovered in PHP, the web scripting
language. The Common Vulnerabilities and Exposures project identifies
the following issues :
- CVE-2011-1072
It was discovered that insecure handling of temporary
files in the PEAR installer could lead to denial of
service.
- CVE-2011-4153
Maksymilian Arciemowicz discovered that a NULL pointer
dereference in the zend_strndup() function could lead to
denial of service.
- CVE-2012-0781
Maksymilian Arciemowicz discovered that a NULL pointer
dereference in the tidy_diagnose() function could lead
to denial of service.
- CVE-2012-0788
It was discovered that missing checks in the handling of
PDORow objects could lead to denial of service.
- CVE-2012-0831
It was discovered that the magic_quotes_gpc setting
could be disabled remotely.
This update also addresses PHP bugs, which are not treated as security
issues in Debian (see README.Debian.security), but which were fixed
nonetheless: CVE-2010-4697, CVE-2011-1092, CVE-2011-1148,
CVE-2011-1464, CVE-2011-1467 CVE-2011-1468, CVE-2011-1469,
CVE-2011-1470, CVE-2011-1657, CVE-2011-3182 CVE-2011-3267
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top