Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 Tenable Network Security, Inc.SUSE_SU-2014-0868-1.NASL
HistoryMay 20, 2015 - 12:00 a.m.

SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)

2015-05-2000:00:00
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.
www.tenable.com
11

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.948 High

EPSS

Percentile

99.3%

JSON

PHP5 has been updated to fix two security vulnerabilities :

  • Heap-based buffer overflow in DNS TXT record parsing (CVE-2014-4049)

  • NULL pointer dereference in GD XPM decoder (CVE-2014-2497)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2014:0868-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(83630);
  script_version("2.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2014-2497", "CVE-2014-4049");
  script_bugtraq_id(66233, 68007);

  script_name(english:"SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"PHP5 has been updated to fix two security vulnerabilities :

  - Heap-based buffer overflow in DNS TXT record parsing
    (CVE-2014-4049)

  - NULL pointer dereference in GD XPM decoder
    (CVE-2014-2497)

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # http://download.suse.com/patch/finder/?keywords=5a6e6d1523035a22186fef4bad38da0d
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?dc8643d8"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-2497.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2014-4049.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/868624"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/882992"
  );
  # https://www.suse.com/support/update/announcement/2014/suse-su-20140868-1.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?d6bd146b"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 11 SP2 LTSS :

zypper in -t patch slessp2-apache2-mod_php5-9409

To bring your system up-to-date, use 'zypper patch'."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dbase");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-hash");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/07/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = eregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! ereg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! ereg(pattern:"^2$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP2", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES11", sp:"2", reference:"apache2-mod_php5-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-bcmath-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-bz2-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-calendar-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-ctype-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-curl-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-dba-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-dbase-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-dom-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-exif-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-fastcgi-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-ftp-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-gd-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-gettext-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-gmp-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-hash-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-iconv-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-json-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-ldap-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-mbstring-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-mcrypt-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-mysql-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-odbc-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-openssl-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-pcntl-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-pdo-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-pear-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-pgsql-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-pspell-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-shmop-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-snmp-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-soap-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-suhosin-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-sysvmsg-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-sysvsem-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-sysvshm-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-tokenizer-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-wddx-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-xmlreader-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-xmlrpc-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-xmlwriter-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-xsl-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-zip-5.2.14-0.7.30.54.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"php5-zlib-5.2.14-0.7.30.54.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "PHP5");
}
VendorProductVersionCPE
novellsuse_linuxapache2-mod_php5p-cpe:/a:novell:suse_linux:apache2-mod_php5
novellsuse_linuxphp5p-cpe:/a:novell:suse_linux:php5
novellsuse_linuxphp5-bcmathp-cpe:/a:novell:suse_linux:php5-bcmath
novellsuse_linuxphp5-bz2p-cpe:/a:novell:suse_linux:php5-bz2
novellsuse_linuxphp5-calendarp-cpe:/a:novell:suse_linux:php5-calendar
novellsuse_linuxphp5-ctypep-cpe:/a:novell:suse_linux:php5-ctype
novellsuse_linuxphp5-curlp-cpe:/a:novell:suse_linux:php5-curl
novellsuse_linuxphp5-dbap-cpe:/a:novell:suse_linux:php5-dba
novellsuse_linuxphp5-dbasep-cpe:/a:novell:suse_linux:php5-dbase
novellsuse_linuxphp5-domp-cpe:/a:novell:suse_linux:php5-dom
Rows per page:
1-10 of 461

Related

openvas 53
suse 4
ibm 5
nessus 52
securityvulns 5
cve 3
debiancve 1
ubuntucve 3
prion 3
nvd 3
seebug 2
fedora 4
veracode 5
cvelist 3
mageia 4
osv 6
debian 12
checkpoint_advisories 1
f5 4
oraclelinux 3
gentoo 2
amazon 4
ubuntu 3
cloudfoundry 1
redhat 5
centos 4
slackware 2
freebsd 1
hackerone 1
openvas
openvas
SUSE: Security Advisory for PHP5 (SUSE-SU-2014:0868-1)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0868-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0873-1)
2021-06-09 00:00:00
suse
suse
Security update for PHP5 (important)
2014-07-04 00:04:20
Security update for PHP5 (important)
2014-07-07 19:04:42
Security update for php53 (important)
2014-07-04 01:04:18
ibm
ibm
Security Bulletin: Vulnerabilities in php5 affect IBM Flex System Manager (FSM): (CVE-2013-4248 CVE-2013-6420 CVE-2014-2497 CVE-2014-4049)
2019-01-31 01:30:01
Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CMM) (CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
2019-01-31 01:55:01
Security Bulletin: Network Intrusion Prevention System is affected by curl and php5 vulnerabilities (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139, CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
2022-02-23 17:14:38
nessus
nessus
SuSE 11.3 Security Update : php53 (SAT Patch Number 9450)
2014-07-04 00:00:00
Fedora 21 : gd-2.1.0-8.fc21 (2015-0432)
2015-01-20 00:00:00
Fedora 20 : gd-2.1.0-8.fc20 (2015-0503)
2015-01-21 00:00:00
securityvulns
securityvulns
libgd / PHP DoS
2014-07-22 00:00:00
[ MDVSA-2014:133 ] gd
2014-07-22 00:00:00
libgd / PHP security vulnerabilities
2015-04-07 00:00:00
cve
cve
CVE-2014-2497
2014-03-21 14:55:12
CVE-2014-4049
2014-06-18 19:55:05
CVE-2014-3597
2014-08-23 01:55:02
debiancve
debiancve
CVE-2014-2497
2014-03-21 14:55:12
ubuntucve
ubuntucve
CVE-2014-2497
2014-03-21 00:00:00
CVE-2014-4049
2014-06-18 00:00:00
CVE-2014-3597
2014-08-22 00:00:00
prion
prion
Null pointer dereference
2014-03-21 14:55:00
Heap overflow
2014-06-18 19:55:00
Buffer overflow
2014-08-23 01:55:00
nvd
nvd
CVE-2014-2497
2014-03-21 14:55:12
CVE-2014-4049
2014-06-18 19:55:05
CVE-2014-3597
2014-08-23 01:55:02
seebug
seebug
PHP &quot;gdImageCreateFromXpm()&quot;η©ΊζŒ‡ι’ˆι—΄ζŽ₯εΌ•η”¨ζΌζ΄ž
2014-03-19 00:00:00
php-gd 'gdxpm.c'η©ΊζŒ‡ι’ˆζ‹’η»ζœεŠ‘ζΌζ΄ž
2014-03-17 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: gd-2.1.0-6.fc20
2014-08-15 02:31:57
[SECURITY] Fedora 20 Update: gd-2.1.0-8.fc20
2015-01-20 21:03:19
[SECURITY] Fedora 21 Update: gd-2.1.0-8.fc21
2015-01-19 01:34:38
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:02:04
Arbitrary Code Execution
2019-05-02 05:04:21
Denial Of Service (DoS)
2019-05-02 05:04:17
cvelist
cvelist
CVE-2014-2497
2014-03-21 14:00:00
CVE-2014-4049
2014-06-18 19:00:00
CVE-2014-3597
2014-08-23 01:00:00
mageia
mageia
Updated gd and libgd packages fix security vulnerability
2014-07-09 02:44:55
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
Updated php packages fix multiple security vulnerabilities
2014-09-05 13:07:37
osv
osv
php5 - security update
2014-06-27 00:00:00
php5 - security update
2014-06-16 00:00:00
libgd2 - security update
2015-04-08 00:00:00
debian
debian
[SECURITY] [DSA 2961-1] php5 security update
2014-06-16 19:30:13
[SECURITY] [DSA 2961-1] php5 security update
2014-06-16 19:30:13
php5 security update
2014-06-27 11:30:03
checkpoint_advisories
checkpoint_advisories
PHP php_parserr DNS_TXT Heap Buffer Overflow (CVE-2014-4049)
2014-07-16 00:00:00
f5
f5
K15761 : Multiple PHP 5.x vulnerabilities
2015-09-17 00:00:00
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
K15498 : Multiple PHP vulnerabilities
2014-08-12 00:00:00
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-09-30 00:00:00
php security update
2014-08-06 00:00:00
gentoo
gentoo
GD: Multiple vulnerabilities
2016-07-16 00:00:00
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
amazon
amazon
Medium: php55
2014-09-18 21:03:00
Medium: php
2014-08-21 11:15:00
Medium: php55
2014-07-09 16:42:00
ubuntu
ubuntu
PHP updates
2014-06-25 00:00:00
PHP vulnerabilities
2014-06-23 00:00:00
GD library vulnerabilities
2016-05-31 00:00:00
cloudfoundry
cloudfoundry
USN-2987-1 GD library vulnerabilities | Cloud Foundry
2016-06-13 00:00:00
redhat
redhat
(RHSA-2014:1326) Moderate: php53 and php security update
2014-09-30 00:00:00
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
(RHSA-2014:1327) Moderate: php security update
2014-09-30 00:00:00
centos
centos
php, php53 security update
2014-09-30 10:27:47
php security update
2014-09-30 10:59:18
php security update
2014-08-06 14:38:20
slackware
slackware
[slackware-security] php
2014-09-04 22:00:56
[slackware-security] php
2014-07-12 03:48:04
freebsd
freebsd
PHP multiple vulnerabilities
2014-08-14 00:00:00
hackerone
hackerone
Yahoo!: Out of date version
2014-03-30 08:47:50

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.948 High

EPSS

Percentile

99.3%

JSON
Related for SUSE_SU-2014-0868-1.NASL
openvas53suse4ibm5nessus52securityvulns5cve3debiancve1ubuntucve3prion3nvd3seebug2fedora4veracode5cvelist3mageia4osv6debian12checkpoint_advisories1f54oraclelinux3gentoo2amazon4ubuntu3cloudfoundry1redhat5centos4slackware2freebsd1hackerone1