Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2011-0753 CVE-2011-0755 CVE-2010-4699 CVE-2006-7243 |
CWE-ID | CWE-362 CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
PHP Universal components / Libraries / Scripting languages |
Vendor | PHP Group |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU45388
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-0753
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals.
MitigationInstall update from vendor's website.
Vulnerable software versionsPHP: 1.0 - 5.3.2
External linkshttp://bugs.php.net/52784
http://www.php.net/ChangeLog-5.php
http://exchange.xforce.ibmcloud.com/vulnerabilities/65431
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12271
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU45389
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-0755
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax.
MitigationInstall update from vendor's website.
Vulnerable software versionsPHP: 1.0 - 5.3.2
External linkshttp://bugs.php.net/46587
http://www.php.net/ChangeLog-5.php
http://exchange.xforce.ibmcloud.com/vulnerabilities/65426
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12589
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU45432
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2010-4699
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set.
MitigationInstall update from vendor's website.
Vulnerable software versionsPHP: 1.0 - 5.3.2
External linkshttp://bugs.php.net/52941
http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html
http://www.php.net/ChangeLog-5.php
http://exchange.xforce.ibmcloud.com/vulnerabilities/64963
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12393
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU45434
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2006-7243
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
PHP before 5.3.4 accepts the character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php .jpg at the end of the argument to the file_exists function.
MitigationInstall update from vendor's website.
Vulnerable software versionsPHP: 1.0 - 5.3.2
External linkshttp://bugs.php.net/39863
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html
http://marc.info/?l=bugtraq&m=132871655717248&w=2
http://marc.info/?l=bugtraq&m=133469208622507&w=2
http://openwall.com/lists/oss-security/2010/11/18/4
http://openwall.com/lists/oss-security/2010/11/18/5
http://openwall.com/lists/oss-security/2010/12/09/10
http://openwall.com/lists/oss-security/2010/12/09/11
http://openwall.com/lists/oss-security/2010/12/09/9
http://rhn.redhat.com/errata/RHSA-2013-1307.html
http://rhn.redhat.com/errata/RHSA-2013-1615.html
http://rhn.redhat.com/errata/RHSA-2014-0311.html
http://secunia.com/advisories/55078
http://support.apple.com/kb/HT4581
http://svn.php.net/viewvc?view=revision&revision=305412
http://svn.php.net/viewvc?view=revision&revision=305507
http://www.madirish.net/?article=436
http://www.mandriva.com/security/advisories?name=MDVSA-2010:254
http://www.php.net/archive/2010.php#id2010-12-10-1
http://www.php.net/ChangeLog-5.php
http://www.php.net/releases/5_3_4.php
http://www.securityfocus.com/bid/44951
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12569
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.