7.2 - DSA-2943

Executive Summary

Summary
Title	php5 security update

Informations
Name	DSA-2943	First vendor Publication	2014-06-01
Vendor	Debian	Last vendor Modification	2014-06-01
Severity (Vendor)	N/A	Revision	1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	7.2	Attack Range	Local
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	3.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development:

CVE-2014-0185

The default PHP FPM socket permission has been changed from 0666 to 0660 to mitigate a security vulnerability (CVE-2014-0185) in PHP FPM that allowed any local user to run a PHP code under the active user of FPM process via crafted FastCGI client.

The default Debian setup now correctly sets the listen.owner and listen.group to www-data:www-data in default php-fpm.conf. If you have more FPM instances or a webserver not running under www-data user you need to adjust the configuration of FPM pools in /etc/php5/fpm/pool.d/ so the accessing process has rights to access the socket.

CVE-2014-0237 / CVE-2014-0238:

Denial of service in the CDF parser of the fileinfo module.

CVE-2014-2270

Denial of service in the fileinfo module.

For the stable distribution (wheezy), these problems have been fixed in version 5.4.4-14+deb7u10.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your php5 packages.

Original Source

Url : http://www.debian.org/security/2014/dsa-2943

CWE : Common Weakness Enumeration

%	Id	Name
50 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
25 %	CWE-399	Resource Management Errors
25 %	CWE-269	Improper Privilege Management

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24248

Oval ID:	oval:org.mitre.oval:def:24248
Title:	USN-2163-1 -- php5 vulnerability
Description:	PHP could be made to crash if it processed a specially crafted file.
Family:	unix	Class:	patch
Reference(s):	USN-2163-1 CVE-2014-2270	Version:	5
Platform(s):	Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	php5
Definition Synopsis:
Ubuntu 13.10 release section Ubuntu 13.10 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.3 AND php5-cgi DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.3 AND php5-cli DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.3 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.4.6-1ubuntu1.8 AND php5-cgi DPKG is earlier than 0:5.4.6-1ubuntu1.8 AND php5-cli DPKG is earlier than 0:5.4.6-1ubuntu1.8 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.3.10-1ubuntu3.11 AND php5-cgi DPKG is earlier than 0:5.3.10-1ubuntu3.11 AND php5-cli DPKG is earlier than 0:5.3.10-1ubuntu3.11 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.3.2-1ubuntu4.24 AND php5-cgi DPKG is earlier than 0:5.3.2-1ubuntu4.24 AND php5-cli DPKG is earlier than 0:5.3.2-1ubuntu4.24

Definition Id: oval:org.mitre.oval:def:24326

Oval ID:	oval:org.mitre.oval:def:24326
Title:	USN-2162-1 -- file vulnerability
Description:	File could be made to crash if it processed a specially crafted file.
Family:	unix	Class:	patch
Reference(s):	USN-2162-1 CVE-2014-2270	Version:	5
Platform(s):	Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	file
Definition Synopsis:
Ubuntu 13.10 release section Ubuntu 13.10 is installed Packages match section file DPKG is earlier than 0:5.11-2ubuntu4.2 AND libmagic1 DPKG is earlier than 0:5.11-2ubuntu4.2 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed Packages match section file DPKG is earlier than 0:5.11-2ubuntu0.2 AND libmagic1 DPKG is earlier than 0:5.11-2ubuntu0.2 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed Packages match section file DPKG is earlier than 0:5.09-2ubuntu0.3 AND libmagic1 DPKG is earlier than 0:5.09-2ubuntu0.3 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed Packages match section file DPKG is earlier than 0:5.03-5ubuntu1.2 AND libmagic1 DPKG is earlier than 0:5.03-5ubuntu1.2

Definition Id: oval:org.mitre.oval:def:24786

Oval ID:	oval:org.mitre.oval:def:24786
Title:	DSA-2943-1 php5 - security update
Description:	Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
Family:	unix	Class:	patch
Reference(s):	DSA-2943-1 CVE-2014-0185 CVE-2014-0237 CVE-2014-0238 CVE-2014-2270	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	php5
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND php5 DPKG is earlier than 0:5.4.4-14+deb7u10

Definition Id: oval:org.mitre.oval:def:25162

Oval ID:	oval:org.mitre.oval:def:25162
Title:	SUSE-SU-2014:0670-1 -- Security update for file
Description:	The command line tool file(1) and its library libmagic have been updated to fix the following issues: * file(1) crashed when parsing some PE executables. (CVE-2014-2270, bnc#866750) * file(1) did not set return code on non-existing files. (bnc#863450) Security Issue reference: * CVE-2014-2270 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270>
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0670-1 CVE-2014-2270	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	file
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section file RPM is earlier than 0:4.24-43.25.1 AND file-32bit RPM is earlier than 0:4.24-43.25.1

Definition Id: oval:org.mitre.oval:def:27121

Oval ID:	oval:org.mitre.oval:def:27121
Title:	ELSA-2014-1606 -- file security and bug fix update
Description:	[5.04-21] - fix typographical error in changelog [5.04-20] - fix #1037279 - better patch for the bug from previous release [5.04-19] - fix #1037279 - display 'from' field on 32bit ppc core [5.04-18] - fix #664513 - trim white-spaces during ISO9660 detection [5.04-17] - fix CVE-2014-3479 (cdf_check_stream_offset boundary check) - fix CVE-2014-3480 (cdf_count_chain insufficient boundary check) - fix CVE-2014-0237 (cdf_unpack_summary_info() excessive looping DoS) - fix CVE-2014-0238 (CDF property info parsing nelements infinite loop) - fix CVE-2014-2270 (out-of-bounds access in search rules with offsets) - fix CVE-2014-1943 (unrestricted recursion in handling of indirect type rules) - fix CVE-2012-1571 (out of bounds read in CDF parser) [5.04-16] - fix #873997 - improve Minix detection pattern to fix false positives - fix #884396 - improve PBM pattern to fix misdetection with x86 boot sector - fix #980941 - improve Bio-Rad pattern to fix false positives - fix #849621 - tweak strength of XML, Latex and Python patterns to execute them in the proper order - fix #1067771 - detect qcow version 3 images - fix #1064463 - treat RRDTool files as binary files
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1606 CVE-2014-0237 CVE-2014-0238 CVE-2014-3479 CVE-2014-3480 CVE-2012-1571 CVE-2014-1943 CVE-2014-2270	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	file file-devel file-libs file-static python-magic
Definition Synopsis:
Oracle Linux 6.x Packages match section file is earlier than 0:5.04-21.el6 AND file-devel is earlier than 0:5.04-21.el6 AND file-libs is earlier than 0:5.04-21.el6 AND file-static is earlier than 0:5.04-21.el6 AND python-magic is earlier than 0:5.04-21.el6

Definition Id: oval:org.mitre.oval:def:27197

Oval ID:	oval:org.mitre.oval:def:27197
Title:	ELSA-2014-1012 -- php53 and php security update (moderate)
Description:	[5.3.3-27.1] - core: type confusion issue in phpinfo(). CVE-2014-4721 - date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 - core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049 - core: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw. CVE-2014-3515 - fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270 - fileinfo: unrestricted recursion in handling of indirect type rules. CVE-2014-1943 - fileinfo: out of bounds read in CDF parser. CVE-2012-1571 - fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479 - fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480 - fileinfo: cdf_unpack_summary_info() excessive looping DoS. CVE-2014-0237 - fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1012 CVE-2014-0237 CVE-2014-0238 CVE-2014-3479 CVE-2014-3480 CVE-2014-3515 CVE-2014-4049 CVE-2014-4721 CVE-2012-1571 CVE-2013-6712 CVE-2014-1943 CVE-2014-2270	Version:	3
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	php53 php
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section php53 is earlier than 0:5.3.3-23.el5_10 AND php53-bcmath is earlier than 0:5.3.3-23.el5_10 AND php53-cli is earlier than 0:5.3.3-23.el5_10 AND php53-common is earlier than 0:5.3.3-23.el5_10 AND php53-dba is earlier than 0:5.3.3-23.el5_10 AND php53-devel is earlier than 0:5.3.3-23.el5_10 AND php53-gd is earlier than 0:5.3.3-23.el5_10 AND php53-imap is earlier than 0:5.3.3-23.el5_10 AND php53-intl is earlier than 0:5.3.3-23.el5_10 AND php53-ldap is earlier than 0:5.3.3-23.el5_10 AND php53-mbstring is earlier than 0:5.3.3-23.el5_10 AND php53-mysql is earlier than 0:5.3.3-23.el5_10 AND php53-odbc is earlier than 0:5.3.3-23.el5_10 AND php53-pdo is earlier than 0:5.3.3-23.el5_10 AND php53-pgsql is earlier than 0:5.3.3-23.el5_10 AND php53-process is earlier than 0:5.3.3-23.el5_10 AND php53-pspell is earlier than 0:5.3.3-23.el5_10 AND php53-snmp is earlier than 0:5.3.3-23.el5_10 AND php53-soap is earlier than 0:5.3.3-23.el5_10 AND php53-xml is earlier than 0:5.3.3-23.el5_10 AND php53-xmlrpc is earlier than 0:5.3.3-23.el5_10 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section php is earlier than 0:5.3.3-27.el6_5.1 AND php-bcmath is earlier than 0:5.3.3-27.el6_5.1 AND php-cli is earlier than 0:5.3.3-27.el6_5.1 AND php-common is earlier than 0:5.3.3-27.el6_5.1 AND php-dba is earlier than 0:5.3.3-27.el6_5.1 AND php-devel is earlier than 0:5.3.3-27.el6_5.1 AND php-embedded is earlier than 0:5.3.3-27.el6_5.1 AND php-enchant is earlier than 0:5.3.3-27.el6_5.1 AND php-fpm is earlier than 0:5.3.3-27.el6_5.1 AND php-gd is earlier than 0:5.3.3-27.el6_5.1 AND php-imap is earlier than 0:5.3.3-27.el6_5.1 AND php-intl is earlier than 0:5.3.3-27.el6_5.1 AND php-ldap is earlier than 0:5.3.3-27.el6_5.1 AND php-mbstring is earlier than 0:5.3.3-27.el6_5.1 AND php-mysql is earlier than 0:5.3.3-27.el6_5.1 AND php-odbc is earlier than 0:5.3.3-27.el6_5.1 AND php-pdo is earlier than 0:5.3.3-27.el6_5.1 AND php-pgsql is earlier than 0:5.3.3-27.el6_5.1 AND php-process is earlier than 0:5.3.3-27.el6_5.1 AND php-pspell is earlier than 0:5.3.3-27.el6_5.1 AND php-recode is earlier than 0:5.3.3-27.el6_5.1 AND php-snmp is earlier than 0:5.3.3-27.el6_5.1 AND php-soap is earlier than 0:5.3.3-27.el6_5.1 AND php-tidy is earlier than 0:5.3.3-27.el6_5.1 AND php-xml is earlier than 0:5.3.3-27.el6_5.1 AND php-xmlrpc is earlier than 0:5.3.3-27.el6_5.1 AND php-zts is earlier than 0:5.3.3-27.el6_5.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	File Project File cpe:2.3:a:file_project:file:5.16:::::::* cpe:2.3:a:file_project:file:5.15:::::::* cpe:2.3:a:file_project:file:5.14:::::::* cpe:2.3:a:file_project:file:5.13:::::::* cpe:2.3:a:file_project:file:5.12:::::::* cpe:2.3:a:file_project:file:5.11:::::::* cpe:2.3:a:file_project:file:5.10:::::::* cpe:2.3:a:file_project:file:5.09:::::::* cpe:2.3:a:file_project:file:5.08:::::::* cpe:2.3:a:file_project:file::::::::	10
Application	Php cpe:2.3:a:php:php:5.5.9:-:::::: cpe:2.3:a:php:php:5.5.9:rc1:::::: cpe:2.3:a:php:php:5.5.8:-:::::: cpe:2.3:a:php:php:5.5.8:rc1:::::: cpe:2.3:a:php:php:5.5.7:-:::::: cpe:2.3:a:php:php:5.5.7:rc1:::::: cpe:2.3:a:php:php:5.5.6:-:::::: cpe:2.3:a:php:php:5.5.6:rc1:::::: cpe:2.3:a:php:php:5.5.5:-:::::: cpe:2.3:a:php:php:5.5.5:rc1:::::: cpe:2.3:a:php:php:5.5.4:-:::::: cpe:2.3:a:php:php:5.5.4:rc1:::::: cpe:2.3:a:php:php:5.5.3:::::::* cpe:2.3:a:php:php:5.5.2:-:::::: cpe:2.3:a:php:php:5.5.2:rc1:::::: cpe:2.3:a:php:php:5.5.12:-:::::: cpe:2.3:a:php:php:5.5.12:rc1:::::: cpe:2.3:a:php:php:5.5.11:-:::::: cpe:2.3:a:php:php:5.5.11:rc1:::::: cpe:2.3:a:php:php:5.5.10:-:::::: cpe:2.3:a:php:php:5.5.10:rc1:::::: cpe:2.3:a:php:php:5.5.1:::::::* cpe:2.3:a:php:php:5.5.0:alpha1:::::: cpe:2.3:a:php:php:5.5.0:beta4:::::: cpe:2.3:a:php:php:5.5.0:alpha6:::::: cpe:2.3:a:php:php:5.5.0:alpha2:::::: cpe:2.3:a:php:php:5.5.0:alpha5:::::: cpe:2.3:a:php:php:5.5.0:beta3:::::: cpe:2.3:a:php:php:5.5.0:beta2:::::: cpe:2.3:a:php:php:5.5.0:rc1:::::: cpe:2.3:a:php:php:5.5.0:alpha4:::::: cpe:2.3:a:php:php:5.5.0:beta1:::::: cpe:2.3:a:php:php:5.5.0:alpha3:::::: cpe:2.3:a:php:php:5.5.0:rc2:::::: cpe:2.3:a:php:php:5.5.0:-:::::: cpe:2.3:a:php:php:5.5.0:rc3:::::: cpe:2.3:a:php:php:5.4.9:-:::::: cpe:2.3:a:php:php:5.4.9:rc1:::::: cpe:2.3:a:php:php:5.4.8:-:::::: cpe:2.3:a:php:php:5.4.8:rc1:::::: cpe:2.3:a:php:php:5.4.7:-:::::: cpe:2.3:a:php:php:5.4.7:rc1:::::: cpe:2.3:a:php:php:5.4.6:-:::::: cpe:2.3:a:php:php:5.4.6:rc1:::::: cpe:2.3:a:php:php:5.4.5:-:::::: cpe:2.3:a:php:php:5.4.5:rc1:::::: cpe:2.3:a:php:php:5.4.45:::::::* cpe:2.3:a:php:php:5.4.44:::::::* cpe:2.3:a:php:php:5.4.43:::::::* cpe:2.3:a:php:php:5.4.42:::::::* cpe:2.3:a:php:php:5.4.41:::::::* cpe:2.3:a:php:php:5.4.40:::::::* cpe:2.3:a:php:php:5.4.4:-:::::: cpe:2.3:a:php:php:5.4.4:rc1:::::: cpe:2.3:a:php:php:5.4.4:rc2:::::: cpe:2.3:a:php:php:5.4.39:::::::* cpe:2.3:a:php:php:5.4.38:::::::* cpe:2.3:a:php:php:5.4.37:::::::* cpe:2.3:a:php:php:5.4.36:::::::* cpe:2.3:a:php:php:5.4.35:::::::* cpe:2.3:a:php:php:5.4.34:::::::* cpe:2.3:a:php:php:5.4.33:-:::::: cpe:2.3:a:php:php:5.4.33:rc1:::::: cpe:2.3:a:php:php:5.4.32:-:::::: cpe:2.3:a:php:php:5.4.32:rc1:::::: cpe:2.3:a:php:php:5.4.31:-:::::: cpe:2.3:a:php:php:5.4.31:rc1:::::: cpe:2.3:a:php:php:5.4.30:-:::::: cpe:2.3:a:php:php:5.4.30:rc1:::::: cpe:2.3:a:php:php:5.4.3:::::::* cpe:2.3:a:php:php:5.4.29:-:::::: cpe:2.3:a:php:php:5.4.29:rc1:::::: cpe:2.3:a:php:php:5.4.28:-:::::: cpe:2.3:a:php:php:5.4.28:rc1:::::: cpe:2.3:a:php:php:5.4.27:-:::::: cpe:2.3:a:php:php:5.4.27:rc1:::::: cpe:2.3:a:php:php:5.4.26:-:::::: cpe:2.3:a:php:php:5.4.26:rc1:::::: cpe:2.3:a:php:php:5.4.25:-:::::: cpe:2.3:a:php:php:5.4.25:rc1:::::: cpe:2.3:a:php:php:5.4.24:-:::::: cpe:2.3:a:php:php:5.4.24:rc1:::::: cpe:2.3:a:php:php:5.4.23:-:::::: cpe:2.3:a:php:php:5.4.23:rc1:::::: cpe:2.3:a:php:php:5.4.22:-:::::: cpe:2.3:a:php:php:5.4.22:rc1:::::: cpe:2.3:a:php:php:5.4.21:-:::::: cpe:2.3:a:php:php:5.4.21:rc1:::::: cpe:2.3:a:php:php:5.4.20:-:::::: cpe:2.3:a:php:php:5.4.20:rc1:::::: cpe:2.3:a:php:php:5.4.2:::::::* cpe:2.3:a:php:php:5.4.19:::::::* cpe:2.3:a:php:php:5.4.18:-:::::: cpe:2.3:a:php:php:5.4.18:rc1:::::: cpe:2.3:a:php:php:5.4.18:rc2:::::: cpe:2.3:a:php:php:5.4.17:-:::::: cpe:2.3:a:php:php:5.4.17:rc1:::::: cpe:2.3:a:php:php:5.4.16:rc1:::::: cpe:2.3:a:php:php:5.4.16:-:::::: cpe:2.3:a:php:php:5.4.15:rc1:::::: cpe:2.3:a:php:php:5.4.15:-:::::: cpe:2.3:a:php:php:5.4.14:rc1:::::: cpe:2.3:a:php:php:5.4.14:-:::::: cpe:2.3:a:php:php:5.4.13:rc1:::::: cpe:2.3:a:php:php:5.4.13:-:::::: cpe:2.3:a:php:php:5.4.12:rc2:::::: cpe:2.3:a:php:php:5.4.12:rc1:::::: cpe:2.3:a:php:php:5.4.12:-:::::: cpe:2.3:a:php:php:5.4.11:-:::::: cpe:2.3:a:php:php:5.4.11:rc1:::::: cpe:2.3:a:php:php:5.4.10:-:::::: cpe:2.3:a:php:php:5.4.10:rc1:::::: cpe:2.3:a:php:php:5.4.1:::::::* cpe:2.3:a:php:php:5.4.1:rc1:::::: cpe:2.3:a:php:php:5.4.1:rc2:::::: cpe:2.3:a:php:php:5.4.0:beta2:::::: cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::* cpe:2.3:a:php:php:5.4.0:rc2:::::: cpe:2.3:a:php:php:5.4.0:-:::::: cpe:2.3:a:php:php:5.4.0:alpha1:::::: cpe:2.3:a:php:php:5.4.0:alpha2:::::: cpe:2.3:a:php:php:5.4.0:alpha3:::::: cpe:2.3:a:php:php:5.4.0:beta1:::::: cpe:2.3:a:php:php:5.4.0:rc1:::::: cpe:2.3:a:php:php:5.4.0:rc3:::::: cpe:2.3:a:php:php:5.4.0:rc4:::::: cpe:2.3:a:php:php:5.4.0:rc5:::::: cpe:2.3:a:php:php:5.4.0:rc6:::::: cpe:2.3:a:php:php:5.4.0:rc7:::::: cpe:2.3:a:php:php:5.4.0:rc8:::::: cpe:2.3:a:php:php:5.3.9:-:::::: cpe:2.3:a:php:php:5.3.9:rc1:::::: cpe:2.3:a:php:php:5.3.9:rc2:::::: cpe:2.3:a:php:php:5.3.9:rc3:::::: cpe:2.3:a:php:php:5.3.9:rc4:::::: cpe:2.3:a:php:php:5.3.8:::::::* cpe:2.3:a:php:php:5.3.7:-:::::: cpe:2.3:a:php:php:5.3.7:rc1:::::: cpe:2.3:a:php:php:5.3.7:rc2:::::: cpe:2.3:a:php:php:5.3.7:rc3:::::: cpe:2.3:a:php:php:5.3.7:rc4:::::: cpe:2.3:a:php:php:5.3.7:rc5:::::: cpe:2.3:a:php:php:5.3.6:::::::* cpe:2.3:a:php:php:5.3.6:rc1:::::: cpe:2.3:a:php:php:5.3.6:rc2:::::: cpe:2.3:a:php:php:5.3.6:rc3:::::: cpe:2.3:a:php:php:5.3.5:::::::* cpe:2.3:a:php:php:5.3.4:-:::::: cpe:2.3:a:php:php:5.3.4:rc1:::::: cpe:2.3:a:php:php:5.3.4:rc2:::::: cpe:2.3:a:php:php:5.3.3:-:::::: cpe:2.3:a:php:php:5.3.3:rc1:::::: cpe:2.3:a:php:php:5.3.3:rc2:::::: cpe:2.3:a:php:php:5.3.3:rc3:::::: cpe:2.3:a:php:php:5.3.29:-:::::: cpe:2.3:a:php:php:5.3.29:rc1:::::: cpe:2.3:a:php:php:5.3.28:::::::* cpe:2.3:a:php:php:5.3.27:-:::::: cpe:2.3:a:php:php:5.3.27:rc1:::::: cpe:2.3:a:php:php:5.3.26:-:::::: cpe:2.3:a:php:php:5.3.26:rc1:::::: cpe:2.3:a:php:php:5.3.25:-:::::: cpe:2.3:a:php:php:5.3.25:rc1:::::: cpe:2.3:a:php:php:5.3.24:-:::::: cpe:2.3:a:php:php:5.3.24:rc1:::::: cpe:2.3:a:php:php:5.3.23:-:::::: cpe:2.3:a:php:php:5.3.23:rc1:::::: cpe:2.3:a:php:php:5.3.22:-:::::: cpe:2.3:a:php:php:5.3.22:rc1:::::: cpe:2.3:a:php:php:5.3.22:rc2:::::: cpe:2.3:a:php:php:5.3.21:-:::::: cpe:2.3:a:php:php:5.3.21:rc1:::::: cpe:2.3:a:php:php:5.3.20:-:::::: cpe:2.3:a:php:php:5.3.20:rc1:::::: cpe:2.3:a:php:php:5.3.2:-:::::: cpe:2.3:a:php:php:5.3.2:rc1:::::: cpe:2.3:a:php:php:5.3.2:rc2:::::: cpe:2.3:a:php:php:5.3.2:rc3:::::: cpe:2.3:a:php:php:5.3.19:-:::::: cpe:2.3:a:php:php:5.3.19:rc1:::::: cpe:2.3:a:php:php:5.3.18:-:::::: cpe:2.3:a:php:php:5.3.18:rc1:::::: cpe:2.3:a:php:php:5.3.17:::::::* cpe:2.3:a:php:php:5.3.16:::::::* cpe:2.3:a:php:php:5.3.15:-:::::: cpe:2.3:a:php:php:5.3.15:rc1:::::: cpe:2.3:a:php:php:5.3.14:-:::::: cpe:2.3:a:php:php:5.3.14:rc1:::::: cpe:2.3:a:php:php:5.3.14:rc2:::::: cpe:2.3:a:php:php:5.3.13:::::::* cpe:2.3:a:php:php:5.3.12:::::::* cpe:2.3:a:php:php:5.3.11:-:::::: cpe:2.3:a:php:php:5.3.11:rc1:::::: cpe:2.3:a:php:php:5.3.11:rc2:::::: cpe:2.3:a:php:php:5.3.10:::::::* cpe:2.3:a:php:php:5.3.1:-:::::: cpe:2.3:a:php:php:5.3.1:rc1:::::: cpe:2.3:a:php:php:5.3.1:rc2:::::: cpe:2.3:a:php:php:5.3.1:rc3:::::: cpe:2.3:a:php:php:5.3.1:rc4:::::: cpe:2.3:a:php:php:5.3.0:-:::::: cpe:2.3:a:php:php:5.3.0:alpha1:::::: cpe:2.3:a:php:php:5.3.0:alpha2:::::: cpe:2.3:a:php:php:5.3.0:alpha3:::::: cpe:2.3:a:php:php:5.3.0:beta1:::::: cpe:2.3:a:php:php:5.3.0:rc1:::::: cpe:2.3:a:php:php:5.3.0:rc2:::::: cpe:2.3:a:php:php:5.3.0:rc3:::::: cpe:2.3:a:php:php:5.3.0:rc4:::::: cpe:2.3:a:php:php:5.2.9:-:::::: cpe:2.3:a:php:php:5.2.9:rc1:::::: cpe:2.3:a:php:php:5.2.9:rc2:::::: cpe:2.3:a:php:php:5.2.9:rc3:::::: cpe:2.3:a:php:php:5.2.8:::::::* cpe:2.3:a:php:php:5.2.7:-:::::: cpe:2.3:a:php:php:5.2.7:rc1:::::: cpe:2.3:a:php:php:5.2.7:rc2:::::: cpe:2.3:a:php:php:5.2.7:rc3:::::: cpe:2.3:a:php:php:5.2.7:rc4:::::: cpe:2.3:a:php:php:5.2.7:rc5:::::: cpe:2.3:a:php:php:5.2.6:-:::::: cpe:2.3:a:php:php:5.2.6:rc1:::::: cpe:2.3:a:php:php:5.2.6:rc2:::::: cpe:2.3:a:php:php:5.2.6:rc3:::::: cpe:2.3:a:php:php:5.2.6:rc4:::::: cpe:2.3:a:php:php:5.2.6:rc5:::::: cpe:2.3:a:php:php:5.2.5:-:::::: cpe:2.3:a:php:php:5.2.5:rc1:::::: cpe:2.3:a:php:php:5.2.5:rc2:::::: cpe:2.3:a:php:php:5.2.4::windows::::: cpe:2.3:a:php:php:5.2.4:-:::::: cpe:2.3:a:php:php:5.2.4:rc1:::::: cpe:2.3:a:php:php:5.2.4:rc2:::::: cpe:2.3:a:php:php:5.2.4:rc3:::::: cpe:2.3:a:php:php:5.2.3:-:::::: cpe:2.3:a:php:php:5.2.3:rc1:::::: cpe:2.3:a:php:php:5.2.2:-:::::: cpe:2.3:a:php:php:5.2.2:rc1:::::: cpe:2.3:a:php:php:5.2.2:rc2:::::: cpe:2.3:a:php:php:5.2.17:::::::* cpe:2.3:a:php:php:5.2.16:::::::* cpe:2.3:a:php:php:5.2.15:-:::::: cpe:2.3:a:php:php:5.2.15:rc1:::::: cpe:2.3:a:php:php:5.2.15:rc2:::::: cpe:2.3:a:php:php:5.2.14:-:::::: cpe:2.3:a:php:php:5.2.14:rc1:::::: cpe:2.3:a:php:php:5.2.14:rc2:::::: cpe:2.3:a:php:php:5.2.14:rc3:::::: cpe:2.3:a:php:php:5.2.13:-:::::: cpe:2.3:a:php:php:5.2.13:rc1:::::: cpe:2.3:a:php:php:5.2.13:rc2:::::: cpe:2.3:a:php:php:5.2.12:-:::::: cpe:2.3:a:php:php:5.2.12:rc1:::::: cpe:2.3:a:php:php:5.2.12:rc2:::::: cpe:2.3:a:php:php:5.2.12:rc3:::::: cpe:2.3:a:php:php:5.2.12:rc4:::::: cpe:2.3:a:php:php:5.2.11:-:::::: cpe:2.3:a:php:php:5.2.11:rc1:::::: cpe:2.3:a:php:php:5.2.11:rc2:::::: cpe:2.3:a:php:php:5.2.11:rc3:::::: cpe:2.3:a:php:php:5.2.10:-:::::: cpe:2.3:a:php:php:5.2.10:rc1:::::: cpe:2.3:a:php:php:5.2.10:rc2:::::: cpe:2.3:a:php:php:5.2.1:-:::::: cpe:2.3:a:php:php:5.2.1:rc1:::::: cpe:2.3:a:php:php:5.2.1:rc2:::::: cpe:2.3:a:php:php:5.2.1:rc3:::::: cpe:2.3:a:php:php:5.2.1:rc4:::::: cpe:2.3:a:php:php:5.2.0:::::::* cpe:2.3:a:php:php:5.2.0:rc1:::::: cpe:2.3:a:php:php:5.2.0:rc2:::::: cpe:2.3:a:php:php:5.2.0:rc3:::::: cpe:2.3:a:php:php:5.2.0:rc4:::::: cpe:2.3:a:php:php:5.2.0:rc5:::::: cpe:2.3:a:php:php:5.2.0:rc6:::::: cpe:2.3:a:php:php:5.1.6:::::::* cpe:2.3:a:php:php:5.1.5:-:::::: cpe:2.3:a:php:php:5.1.5:rc1:::::: cpe:2.3:a:php:php:5.1.4:::::::* cpe:2.3:a:php:php:5.1.3:::::::* cpe:2.3:a:php:php:5.1.3:rc1:::::: cpe:2.3:a:php:php:5.1.3:rc2:::::: cpe:2.3:a:php:php:5.1.3:rc3:::::: cpe:2.3:a:php:php:5.1.2:-:::::: cpe:2.3:a:php:php:5.1.2:rc1:::::: cpe:2.3:a:php:php:5.1.2:rc2:::::: cpe:2.3:a:php:php:5.1.1:::::::* cpe:2.3:a:php:php:5.1.0:-:::::: cpe:2.3:a:php:php:5.1.0:beta1:::::: cpe:2.3:a:php:php:5.1.0:beta2:::::: cpe:2.3:a:php:php:5.1.0:beta3:::::: cpe:2.3:a:php:php:5.1.0:rc1:::::: cpe:2.3:a:php:php:5.1.0:rc2:::::: cpe:2.3:a:php:php:5.1.0:rc2-pre:::::: cpe:2.3:a:php:php:5.1.0:rc3:::::: cpe:2.3:a:php:php:5.1.0:rc4:::::: cpe:2.3:a:php:php:5.1.0:rc5:::::: cpe:2.3:a:php:php:5.1.0:rc6:::::: cpe:2.3:a:php:php:5.0.5:-:::::: cpe:2.3:a:php:php:5.0.5:rc1:::::: cpe:2.3:a:php:php:5.0.5:rc2:::::: cpe:2.3:a:php:php:5.0.4:-:::::: cpe:2.3:a:php:php:5.0.4:rc1:::::: cpe:2.3:a:php:php:5.0.4:rc2:::::: cpe:2.3:a:php:php:5.0.3:-:::::: cpe:2.3:a:php:php:5.0.3:rc1:::::: cpe:2.3:a:php:php:5.0.3:rc2:::::: cpe:2.3:a:php:php:5.0.2:-:::::: cpe:2.3:a:php:php:5.0.2:rc1:::::: cpe:2.3:a:php:php:5.0.1:-:::::: cpe:2.3:a:php:php:5.0.1:beta1:::::: cpe:2.3:a:php:php:5.0.1:rc1:::::: cpe:2.3:a:php:php:5.0.1:rc2:::::: cpe:2.3:a:php:php:5.0.0:beta3:::::: cpe:2.3:a:php:php:5.0.0:rc3:::::: cpe:2.3:a:php:php:5.0.0:beta1:::::: cpe:2.3:a:php:php:5.0.0:beta4:::::: cpe:2.3:a:php:php:5.0.0:rc1:::::: cpe:2.3:a:php:php:5.0.0:beta2:::::: cpe:2.3:a:php:php:5.0.0:rc2:::::: cpe:2.3:a:php:php:5.0.0:-:::::: cpe:2.3:a:php:php:5.0:rc1:::::: cpe:2.3:a:php:php:5.0:rc3:::::: cpe:2.3:a:php:php:5.0:rc2:::::: cpe:2.3:a:php:php:5:::::::* cpe:2.3:a:php:php:4.4.9:-:::::: cpe:2.3:a:php:php:4.4.9:rc1:::::: cpe:2.3:a:php:php:4.4.8:-:::::: cpe:2.3:a:php:php:4.4.8:rc1:::::: cpe:2.3:a:php:php:4.4.7:-:::::: cpe:2.3:a:php:php:4.4.7:rc1:::::: cpe:2.3:a:php:php:4.4.6:-:::::: cpe:2.3:a:php:php:4.4.6:rc1:::::: cpe:2.3:a:php:php:4.4.5:-:::::: cpe:2.3:a:php:php:4.4.5:rc1:::::: cpe:2.3:a:php:php:4.4.5:rc2:::::: cpe:2.3:a:php:php:4.4.4:-:::::: cpe:2.3:a:php:php:4.4.4:rc1:::::: cpe:2.3:a:php:php:4.4.3:-:::::: cpe:2.3:a:php:php:4.4.3:rc1:::::: cpe:2.3:a:php:php:4.4.3:rc2:::::: cpe:2.3:a:php:php:4.4.2:-:::::: cpe:2.3:a:php:php:4.4.2:rc1:::::: cpe:2.3:a:php:php:4.4.2:rc2:::::: cpe:2.3:a:php:php:4.4.1:-:::::: cpe:2.3:a:php:php:4.4.1:rc1:::::: cpe:2.3:a:php:php:4.4.0:-:::::: cpe:2.3:a:php:php:4.4.0:rc1:::::: cpe:2.3:a:php:php:4.4.0:rc2:::::: cpe:2.3:a:php:php:4.3.9:::::::* cpe:2.3:a:php:php:4.3.9:rc1:::::: cpe:2.3:a:php:php:4.3.9:rc2:::::: cpe:2.3:a:php:php:4.3.9:rc3:::::: cpe:2.3:a:php:php:4.3.8:::::::* cpe:2.3:a:php:php:4.3.7:-:::::: cpe:2.3:a:php:php:4.3.7:rc1:::::: cpe:2.3:a:php:php:4.3.6:-:::::: cpe:2.3:a:php:php:4.3.6:rc1:::::: cpe:2.3:a:php:php:4.3.6:rc2:::::: cpe:2.3:a:php:php:4.3.6:rc3:::::: cpe:2.3:a:php:php:4.3.5:-:::::: cpe:2.3:a:php:php:4.3.5:rc1:::::: cpe:2.3:a:php:php:4.3.5:rc2:::::: cpe:2.3:a:php:php:4.3.5:rc3:::::: cpe:2.3:a:php:php:4.3.5:rc4:::::: cpe:2.3:a:php:php:4.3.4:-:::::: cpe:2.3:a:php:php:4.3.4:rc1:::::: cpe:2.3:a:php:php:4.3.4:rc2:::::: cpe:2.3:a:php:php:4.3.4:rc3:::::: cpe:2.3:a:php:php:4.3.3:-:::::: cpe:2.3:a:php:php:4.3.3:rc1:::::: cpe:2.3:a:php:php:4.3.3:rc2:::::: cpe:2.3:a:php:php:4.3.3:rc3:::::: cpe:2.3:a:php:php:4.3.3:rc4:::::: cpe:2.3:a:php:php:4.3.2:-:::::: cpe:2.3:a:php:php:4.3.2:rc1:::::: cpe:2.3:a:php:php:4.3.2:rc2:::::: cpe:2.3:a:php:php:4.3.2:rc3:::::: cpe:2.3:a:php:php:4.3.2:rc4:::::: cpe:2.3:a:php:php:4.3.11:-:::::: cpe:2.3:a:php:php:4.3.11:rc1:::::: cpe:2.3:a:php:php:4.3.11:rc2:::::: cpe:2.3:a:php:php:4.3.10:-:::::: cpe:2.3:a:php:php:4.3.10:rc1:::::: cpe:2.3:a:php:php:4.3.10:rc2:::::: cpe:2.3:a:php:php:4.3.1:::::::* cpe:2.3:a:php:php:4.3.0:-:::::: cpe:2.3:a:php:php:4.3.0:alpha1:::::: cpe:2.3:a:php:php:4.3.0:alpha2:::::: cpe:2.3:a:php:php:4.3.0:alpha3:::::: cpe:2.3:a:php:php:4.3.0:dev:::::: cpe:2.3:a:php:php:4.3.0:pre1:::::: cpe:2.3:a:php:php:4.3.0:pre2:::::: cpe:2.3:a:php:php:4.3.0:rc1:::::: cpe:2.3:a:php:php:4.3.0:rc2:::::: cpe:2.3:a:php:php:4.3.0:rc3:::::: cpe:2.3:a:php:php:4.3.0:rc4:::::: cpe:2.3:a:php:php:4.2.3:-:::::: cpe:2.3:a:php:php:4.2.3:rc1:::::: cpe:2.3:a:php:php:4.2.3:rc2:::::: cpe:2.3:a:php:php:4.2.2:::::::* cpe:2.3:a:php:php:4.2.1:-:::::: cpe:2.3:a:php:php:4.2.1:rc1:::::: cpe:2.3:a:php:php:4.2.1:rc2:::::: cpe:2.3:a:php:php:4.2.0:-:::::: cpe:2.3:a:php:php:4.2.0:rc1:::::: cpe:2.3:a:php:php:4.2.0:rc2:::::: cpe:2.3:a:php:php:4.2.0:rc3:::::: cpe:2.3:a:php:php:4.2.0:rc4:::::: cpe:2.3:a:php:php:4.2::dev::::: cpe:2.3:a:php:php:4.1.2:::::::* cpe:2.3:a:php:php:4.1.1:::::::* cpe:2.3:a:php:php:4.1.0:-:::::: cpe:2.3:a:php:php:4.1.0:rc1:::::: cpe:2.3:a:php:php:4.1.0:rc2:::::: cpe:2.3:a:php:php:4.1.0:rc3:::::: cpe:2.3:a:php:php:4.1.0:rc4:::::: cpe:2.3:a:php:php:4.1.0:rc5:::::: cpe:2.3:a:php:php:4.0.7:rc3:::::: cpe:2.3:a:php:php:4.0.7:rc2:::::: cpe:2.3:a:php:php:4.0.7:rc4:::::: cpe:2.3:a:php:php:4.0.7:rc1:::::: cpe:2.3:a:php:php:4.0.7:-:::::: cpe:2.3:a:php:php:4.0.6:-:::::: cpe:2.3:a:php:php:4.0.6:rc1:::::: cpe:2.3:a:php:php:4.0.6:rc2:::::: cpe:2.3:a:php:php:4.0.6:rc3:::::: cpe:2.3:a:php:php:4.0.6:rc4:::::: cpe:2.3:a:php:php:4.0.5:-:::::: cpe:2.3:a:php:php:4.0.5:rc1:::::: cpe:2.3:a:php:php:4.0.5:rc2:::::: cpe:2.3:a:php:php:4.0.5:rc3:::::: cpe:2.3:a:php:php:4.0.5:rc4:::::: cpe:2.3:a:php:php:4.0.5:rc5:::::: cpe:2.3:a:php:php:4.0.5:rc6:::::: cpe:2.3:a:php:php:4.0.5:rc7:::::: cpe:2.3:a:php:php:4.0.5:rc8:::::: cpe:2.3:a:php:php:4.0.4pl1:::::::* cpe:2.3:a:php:php:4.0.4:patch1:::::: cpe:2.3:a:php:php:4.0.4:-:::::: cpe:2.3:a:php:php:4.0.4:rc1:::::: cpe:2.3:a:php:php:4.0.4:rc2:::::: cpe:2.3:a:php:php:4.0.4:rc3:::::: cpe:2.3:a:php:php:4.0.4:rc4:::::: cpe:2.3:a:php:php:4.0.4:rc5:::::: cpe:2.3:a:php:php:4.0.4:rc6:::::: cpe:2.3:a:php:php:4.0.3:::::::* cpe:2.3:a:php:php:4.0.3:patch1:::::: cpe:2.3:a:php:php:4.0.3:rc1:::::: cpe:2.3:a:php:php:4.0.3:rc2:::::: cpe:2.3:a:php:php:4.0.2:::::::* cpe:2.3:a:php:php:4.0.2:rc1:::::: cpe:2.3:a:php:php:4.0.1:patch2:::::: cpe:2.3:a:php:php:4.0.1:patch1:::::: cpe:2.3:a:php:php:4.0.1:-:::::: cpe:2.3:a:php:php:4.0.1:rc:::::: cpe:2.3:a:php:php:4.0.1:rc2:::::: cpe:2.3:a:php:php:4.0.0:::::::* cpe:2.3:a:php:php:4.0:beta1:::::: cpe:2.3:a:php:php:4.0:beta2:::::: cpe:2.3:a:php:php:4.0:beta3:::::: cpe:2.3:a:php:php:4.0:beta4:::::: cpe:2.3:a:php:php:4.0:beta_4_patch1:::::: cpe:2.3:a:php:php:4.0:rc1:::::: cpe:2.3:a:php:php:4.0:rc2:::::: cpe:2.3:a:php:php:4.0:-:::::: cpe:2.3:a:php:php:4:::::::* cpe:2.3:a:php:php:3.0.9:::::::* cpe:2.3:a:php:php:3.0.8:::::::* cpe:2.3:a:php:php:3.0.7:::::::* cpe:2.3:a:php:php:3.0.6:::::::* cpe:2.3:a:php:php:3.0.5:::::::* cpe:2.3:a:php:php:3.0.4:::::::* cpe:2.3:a:php:php:3.0.3:::::::* cpe:2.3:a:php:php:3.0.2:::::::* cpe:2.3:a:php:php:3.0.18:::::::* cpe:2.3:a:php:php:3.0.17:::::::* cpe:2.3:a:php:php:3.0.16:::::::* cpe:2.3:a:php:php:3.0.15:::::::* cpe:2.3:a:php:php:3.0.14:::::::* cpe:2.3:a:php:php:3.0.13:::::::* cpe:2.3:a:php:php:3.0.12:::::::* cpe:2.3:a:php:php:3.0.11:::::::* cpe:2.3:a:php:php:3.0.10:::::::* cpe:2.3:a:php:php:3.0.1:::::::* cpe:2.3:a:php:php:3.0:::::::* cpe:2.3:a:php:php:2.0b10:::::::* cpe:2.3:a:php:php:2.0.2:::::::* cpe:2.3:a:php:php:2.0.1:::::::* cpe:2.3:a:php:php:2.0.0:-:::::: cpe:2.3:a:php:php:2.0.0:alpha1:::::: cpe:2.3:a:php:php:2.0.0:alpha2:::::: cpe:2.3:a:php:php:2.0.0:beta1:::::: cpe:2.3:a:php:php:2.0.0:rc1:::::: cpe:2.3:a:php:php:2.0:::::::* cpe:2.3:a:php:php:1.5:::::::* cpe:2.3:a:php:php:1.4:::::::* cpe:2.3:a:php:php:1.3.5:::::::* cpe:2.3:a:php:php:1.3.1:::::::* cpe:2.3:a:php:php:1.3:-:::::: cpe:2.3:a:php:php:1.3:beta2:::::: cpe:2.3:a:php:php:1.3:beta3:::::: cpe:2.3:a:php:php:1.3:beta6:::::: cpe:2.3:a:php:php:1.2.5:::::::* cpe:2.3:a:php:php:1.2.4:::::::* cpe:2.3:a:php:php:1.2.3:::::::* cpe:2.3:a:php:php:1.2.2:::::::* cpe:2.3:a:php:php:1.2.1:::::::* cpe:2.3:a:php:php:1.2.0:::::::* cpe:2.3:a:php:php:1.2:::::::* cpe:2.3:a:php:php:1.1.1:::::::* cpe:2.3:a:php:php:1.1.0:::::::* cpe:2.3:a:php:php:1.1:::::::* cpe:2.3:a:php:php:1.0.4:::::::* cpe:2.3:a:php:php:1.0.3:::::::* cpe:2.3:a:php:php:1.0.2:::::::* cpe:2.3:a:php:php:1.0.1:::::::* cpe:2.3:a:php:php:1.0.0:-:::::: cpe:2.3:a:php:php:1.0.0:rc1:::::: cpe:2.3:a:php:php:1.0:beta1:::::: cpe:2.3:a:php:php:1.0:beta2:::::: cpe:2.3:a:php:php:1.0:beta3:::::: cpe:2.3:a:php:php:1.0:rc1:::::: cpe:2.3:a:php:php:1.0:rc2:::::: cpe:2.3:a:php:php:0.91:::::::* cpe:2.3:a:php:php:0.90:::::::* cpe:2.3:a:php:php:0.9.4:::::::* cpe:2.3:a:php:php:0.9.3:::::::* cpe:2.3:a:php:php:0.9.2:::::::* cpe:2.3:a:php:php:0.9.1:::::::* cpe:2.3:a:php:php:0.9.0:::::::* cpe:2.3:a:php:php:0.9:::::::* cpe:2.3:a:php:php:0.7:::::::* cpe:2.3:a:php:php:0.6:::::::* cpe:2.3:a:php:php:0.5.3:::::::* cpe:2.3:a:php:php:0.5.2:::::::* cpe:2.3:a:php:php:0.5:::::::* cpe:2.3:a:php:php:0.4:::::::* cpe:2.3:a:php:php:0.3:::::::* cpe:2.3:a:php:php:0.2.4:::::::* cpe:2.3:a:php:php:0.2.3:::::::* cpe:2.3:a:php:php:0.2.2:::::::* cpe:2.3:a:php:php:0.2.1:::::::* cpe:2.3:a:php:php:0.2.0:::::::* cpe:2.3:a:php:php:0.2:::::::* cpe:2.3:a:php:php:0.11:::::::* cpe:2.3:a:php:php:0.10:::::::* cpe:2.3:a:php:php:0.1.1:::::::* cpe:2.3:a:php:php:0.1:::::::* cpe:2.3:a:php:php:::::::: cpe:2.3:a:php:php:-:::::::*	551
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::-::: cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::	4
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:8.0:::::::* cpe:2.3:o:debian:debian_linux:7.0:::::::* cpe:2.3:o:debian:debian_linux:6.0:::::::*	3
Os	Opensuse cpe:2.3:o:opensuse:opensuse:13.1:::::::* cpe:2.3:o:opensuse:opensuse:12.3:::::::* cpe:2.3:o:opensuse:opensuse:11.4:::::::*	3

Information Assurance Vulnerability Management (IAVM)

Date	Description
2014-05-08	IAVM : 2014-B-0053 - PHP Privilege Escalation Vulnerability Severity : Category I - VMSKEY : V0050233

Snort® IPS/IDS

Date	Description
2016-03-29	PHP libmagic PE out of bounds memory access attempt RuleID : 38347 - Revision : 1 - Type : FILE-EXECUTABLE
2015-10-20	PHP CDF file handling infinite loop dos attempt RuleID : 36059 - Revision : 3 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date	Description
2016-08-12	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_70140f20600711e6a6c314dae9d210b8.nasl - Type : ACT_GATHER_INFO
2015-12-22	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20151119_file_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-12-02	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2015-2155.nasl - Type : ACT_GATHER_INFO
2015-11-24	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2015-2155.nasl - Type : ACT_GATHER_INFO
2015-11-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-2155.nasl - Type : ACT_GATHER_INFO
2015-10-06	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-636.nasl - Type : ACT_GATHER_INFO
2015-09-18	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16954.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2015-004.nasl - Type : ACT_GATHER_INFO
2015-04-10	Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_10_3.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-080.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-27.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-145.nasl - Type : ACT_GATHER_INFO
2015-03-24	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201503-08.nasl - Type : ACT_GATHER_INFO
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_php_20140522.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1606.nasl - Type : ACT_GATHER_INFO
2014-11-04	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141014_file_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2014-10-17	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1606.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1606.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-393.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-382.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-362.nasl - Type : ACT_GATHER_INFO
2014-10-12	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-361.nasl - Type : ACT_GATHER_INFO
2014-09-18	Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit... File : macosx_10_9_5.nasl - Type : ACT_GATHER_INFO
2014-09-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3021.nasl - Type : ACT_GATHER_INFO
2014-08-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-11.nasl - Type : ACT_GATHER_INFO
2014-08-20	Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_3_29.nasl - Type : ACT_GATHER_INFO
2014-08-19	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d2a892b9260511e49da000a0986f28c4.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140806_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-08-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-07-06	Name : The remote Fedora host is missing a security update. File : fedora_2014-7992.nasl - Type : ACT_GATHER_INFO
2014-07-04	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php53-140627.nasl - Type : ACT_GATHER_INFO
2014-06-26	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2254-2.nasl - Type : ACT_GATHER_INFO
2014-06-24	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2254-1.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-6904.nasl - Type : ACT_GATHER_INFO
2014-06-18	Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-6901.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-209.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-255.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-419.nasl - Type : ACT_GATHER_INFO
2014-06-11	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-116.nasl - Type : ACT_GATHER_INFO
2014-06-11	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-115.nasl - Type : ACT_GATHER_INFO
2014-06-10	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2014-160-01.nasl - Type : ACT_GATHER_INFO
2014-06-03	Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_5_13.nasl - Type : ACT_GATHER_INFO
2014-06-03	Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_4_29.nasl - Type : ACT_GATHER_INFO
2014-06-03	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2943.nasl - Type : ACT_GATHER_INFO
2014-05-19	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_file-140331.nasl - Type : ACT_GATHER_INFO
2014-05-16	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-087.nasl - Type : ACT_GATHER_INFO
2014-05-12	Name : The remote Fedora host is missing a security update. File : fedora_2014-5984.nasl - Type : ACT_GATHER_INFO
2014-05-06	Name : The remote Fedora host is missing a security update. File : fedora_2014-5960.nasl - Type : ACT_GATHER_INFO
2014-05-05	Name : The remote web server uses a version of PHP that is potentially affected by a... File : php_5_5_12.nasl - Type : ACT_GATHER_INFO
2014-05-05	Name : The remote web server uses a version of PHP that is potentially affected by a... File : php_5_4_28.nasl - Type : ACT_GATHER_INFO
2014-04-08	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2163-1.nasl - Type : ACT_GATHER_INFO
2014-04-08	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2162-1.nasl - Type : ACT_GATHER_INFO
2014-03-31	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7e61a839b71411e38195001966155bea.nasl - Type : ACT_GATHER_INFO
2014-03-28	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-313.nasl - Type : ACT_GATHER_INFO
2014-03-28	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-314.nasl - Type : ACT_GATHER_INFO
2014-03-27	Name : The remote Fedora host is missing a security update. File : fedora_2014-3589.nasl - Type : ACT_GATHER_INFO
2014-03-17	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-059.nasl - Type : ACT_GATHER_INFO
2014-03-17	Name : The remote Fedora host is missing a security update. File : fedora_2014-3537.nasl - Type : ACT_GATHER_INFO
2014-03-14	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-051.nasl - Type : ACT_GATHER_INFO
2014-03-13	Name : The remote Fedora host is missing a security update. File : fedora_2014-3606.nasl - Type : ACT_GATHER_INFO
2014-03-12	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2873.nasl - Type : ACT_GATHER_INFO
2014-03-10	Name : The remote Fedora host is missing a security update. File : fedora_2014-3534.nasl - Type : ACT_GATHER_INFO
2014-03-07	Name : The remote web server uses a version of PHP that is potentially affected by m... File : php_5_4_26.nasl - Type : ACT_GATHER_INFO
2014-03-07	Name : The remote web server uses a version of PHP that is potentially affected by m... File : php_5_5_10.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-06-04 13:23:58	Multiple Updates
2014-06-01 13:21:20	First insertion

Global Informations

Type	Count
CWE ID(s)	4
Oval ID(s)	6
CPE ID(s)	571
IAVM(s)	1
Snort® Rule(s)	2
Nessus® Exploit(s)	69

	Related
7.2	CVE-2014-0185
5	CVE-2014-0238
5	CVE-2014-0237
4.3	CVE-2014-2270
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 4 more Alert(s)

7.2 - DSA-2943

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Information Assurance Vulnerability Management (IAVM)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU