php is vulnerable to SQL injection. It was found that PHP did not correctly handle the magic_quotes_gpc
configuration directive. This could result in magic_quotes_gpc
input escaping not being applied in all cases, possibly making it easier for a remote attacker to perform SQL injection attacks.
lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html
lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html
lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html
lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html
lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html
rhn.redhat.com/errata/RHSA-2013-1307.html
secunia.com/advisories/48668
secunia.com/advisories/55078
support.apple.com/kb/HT5501
svn.php.net/viewvc?view=revision&revision=323016
www.securityfocus.com/bid/51954
www.ubuntu.com/usn/USN-1358-1
access.redhat.com/security/updates/classification/#moderate
access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/5.10_Technical_Notes/php53.html#RHSA-2013-1307
bugzilla.redhat.com/show_bug.cgi?id=837044
bugzilla.redhat.com/show_bug.cgi?id=869691
bugzilla.redhat.com/show_bug.cgi?id=869693
bugzilla.redhat.com/show_bug.cgi?id=869697
bugzilla.redhat.com/show_bug.cgi?id=892695
bugzilla.redhat.com/show_bug.cgi?id=951075
bugzilla.redhat.com/show_bug.cgi?id=953818
exchange.xforce.ibmcloud.com/vulnerabilities/73125
launchpadlibrarian.net/92454212/php5_5.3.2-1ubuntu4.13.diff.gz
rhn.redhat.com/errata/RHSA-2013-1307.html