- Home
- CVEs with nessus.description==According to its banner, the version of PHP 5.3.x running on the remote host is prior to 5.3.7. It is, therefore, affected by the following vulnerabilities :
- A use-after-free vulnerability in substr_replace().
(CVE-2011-1148)
- A stack-based buffer overflow in socket_connect().
(CVE-2011-1938)
- A code execution vulnerability in ZipArchive::addGlob().
(CVE-2011-1657)
- crypt_blowfish was updated to 1.2. (CVE-2011-2483)
- Multiple NULL pointer dereferences. (CVE-2011-3182)
- An unspecified crash in error_log(). (CVE-2011-3267)
- A buffer overflow in crypt(). (CVE-2011-3268)
- A flaw exists in the php_win32_get_random_bytes() function when passing MCRYPT_DEV_URANDOM as source to mcrypt_create_iv(). A remote attacker can exploit this to cause a denial of service condition.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top