Computer Security Global Security Mag Online anti virus spywares job oofers telecom and network security
- english:
- Product Reviews:
- Business News:
- MAGIC QUADRANT :
- Market News:
- WHITE PAPER:
- Special Reports:
- Interviews:
- Opinion:
- EVENTS:
- Security Vulnerability:
- Malware Update:
- Diary:
- Guide & Podcast:
- Jobs:
- International News:
- CONTACTS:
- TRAINING :
Global Security Magazine Online antivirus
Product Reviews
Business News
MAGIC QUADRANT 
Market News
Special Reports
Opinion
EVENTS
Security Vulnerability
Malware Update
Diary
Guide & Podcast
Jobs
International News
CONTACTS
Flux RSS
| Vigil@nce: PHP, several vulnerabilities |
| June 2009 by Vigil@nce |
| An attacker can use several vulnerabilities of PHP in order to create a denial of service or to execute code. |
| Severity: 2/4 Consequences: user access/rights, data reading, denial of service of service Provenance: internet client Means of attack: 1 attack Ability of attacker: technician (2/4) Confidence: confirmed by the editor (5/5) Diffusion of the vulnerable configuration: high (3/3) Number of vulnerabilities in this bulletin: 2 Creation date: 19/06/2009 IMPACTED PRODUCTS
DESCRIPTION OF THE VULNERABILITY Several vulnerabilities were announced in PHP 5. A JPEG image containing malicious EXIF data generates a memory corruption in the exif_read_data() function. [grav:2/4; 48378, BID-35440] Under Windows, a script can execute all commands (despite the "Safe Mode") by prefixing them by a ’\’ character. [grav:2/4; 45997, BID-35435] These vulnerabilities are local or remote depending on the context. CHARACTERISTICS Identifiers: 45997, 48378, BID-35435, BID-35440, VIGILANCE-VUL-8808 http://vigilance.fr/vulnerability/PHP-several-vulnerabilities-8808 |
< previous next > |
PHP
