Lucene search

K
redhatRedHatRHSA-2016:1610
HistoryAug 11, 2016 - 7:51 p.m.

(RHSA-2016:1610) Moderate: php54-php security update

2016-08-1119:51:58
access.redhat.com
61

EPSS

0.928

Percentile

99.1%

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

Security Fix(es):

  • It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5385)

Red Hat would like to thank Scott Geary (VendHQ) for reporting this issue.