Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
PHP Multiple Vulnerabilities - Sep11 (Windows)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is running PHP and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws are due to, - Improper handling of passwords with 8-bit characters by 'crypt_blowfish' function. - An error in 'ZipArchive::addGlob' and 'ZipArchive::addPattern' functions in ext/zip/php_zip.c file allows remote attackers to cause denial of service via certain flags arguments. - Improper validation of the return values of the malloc, calloc and realloc library functions. - Improper implementation of the error_log function.
Affected Software
Affected Software
PHP version prior to 5.3.7 on Windows
Solution
Solution
Upgrade to PHP version 5.3.7 or later.