oval:org.mitre.oval:def:28030

Definition Id: oval:org.mitre.oval:def:28030

Oval ID:	oval:org.mitre.oval:def:28030
Title:	RHSA-2014:1767 -- php security update (Important)
Description:	PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670) An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669) An out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file. (CVE-2014-3710) An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668) The CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security. All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1767 CESA-2014:1767-CentOS 6 CESA-2014:1767-CentOS 7 CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 CVE-2014-3710	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 CentOS Linux 6 CentOS Linux 7	Product(s):	php
Definition Synopsis:
Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section php is earlier than 0:5.3.3-40.el6_6 AND php-bcmath is earlier than 0:5.3.3-40.el6_6 AND php-cli is earlier than 0:5.3.3-40.el6_6 AND php-common is earlier than 0:5.3.3-40.el6_6 AND php-dba is earlier than 0:5.3.3-40.el6_6 AND php-devel is earlier than 0:5.3.3-40.el6_6 AND php-embedded is earlier than 0:5.3.3-40.el6_6 AND php-enchant is earlier than 0:5.3.3-40.el6_6 AND php-fpm is earlier than 0:5.3.3-40.el6_6 AND php-gd is earlier than 0:5.3.3-40.el6_6 AND php-imap is earlier than 0:5.3.3-40.el6_6 AND php-intl is earlier than 0:5.3.3-40.el6_6 AND php-ldap is earlier than 0:5.3.3-40.el6_6 AND php-mbstring is earlier than 0:5.3.3-40.el6_6 AND php-mysql is earlier than 0:5.3.3-40.el6_6 AND php-odbc is earlier than 0:5.3.3-40.el6_6 AND php-pdo is earlier than 0:5.3.3-40.el6_6 AND php-pgsql is earlier than 0:5.3.3-40.el6_6 AND php-process is earlier than 0:5.3.3-40.el6_6 AND php-pspell is earlier than 0:5.3.3-40.el6_6 AND php-recode is earlier than 0:5.3.3-40.el6_6 AND php-snmp is earlier than 0:5.3.3-40.el6_6 AND php-soap is earlier than 0:5.3.3-40.el6_6 AND php-tidy is earlier than 0:5.3.3-40.el6_6 AND php-xml is earlier than 0:5.3.3-40.el6_6 AND php-xmlrpc is earlier than 0:5.3.3-40.el6_6 AND php-zts is earlier than 0:5.3.3-40.el6_6 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND php-debuginfo is earlier than 0:5.3.3-40.el6_6 AND Red Hat Enterprise Linux 7 and CentOS Linux 7 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 7 AND The operating system installed on the system is CentOS Linux 7.x Packages match section php is earlier than 0:5.4.16-23.el7_0.3 AND php-bcmath is earlier than 0:5.4.16-23.el7_0.3 AND php-cli is earlier than 0:5.4.16-23.el7_0.3 AND php-common is earlier than 0:5.4.16-23.el7_0.3 AND php-dba is earlier than 0:5.4.16-23.el7_0.3 AND php-devel is earlier than 0:5.4.16-23.el7_0.3 AND php-embedded is earlier than 0:5.4.16-23.el7_0.3 AND php-enchant is earlier than 0:5.4.16-23.el7_0.3 AND php-fpm is earlier than 0:5.4.16-23.el7_0.3 AND php-gd is earlier than 0:5.4.16-23.el7_0.3 AND php-intl is earlier than 0:5.4.16-23.el7_0.3 AND php-ldap is earlier than 0:5.4.16-23.el7_0.3 AND php-mbstring is earlier than 0:5.4.16-23.el7_0.3 AND php-mysql is earlier than 0:5.4.16-23.el7_0.3 AND php-mysqlnd is earlier than 0:5.4.16-23.el7_0.3 AND php-odbc is earlier than 0:5.4.16-23.el7_0.3 AND php-pdo is earlier than 0:5.4.16-23.el7_0.3 AND php-pgsql is earlier than 0:5.4.16-23.el7_0.3 AND php-process is earlier than 0:5.4.16-23.el7_0.3 AND php-pspell is earlier than 0:5.4.16-23.el7_0.3 AND php-recode is earlier than 0:5.4.16-23.el7_0.3 AND php-snmp is earlier than 0:5.4.16-23.el7_0.3 AND php-soap is earlier than 0:5.4.16-23.el7_0.3 AND php-xml is earlier than 0:5.4.16-23.el7_0.3 AND php-xmlrpc is earlier than 0:5.4.16-23.el7_0.3 AND Red Hat Enterprise Linux 7 release section The operating system installed on the system is Red Hat Enterprise Linux 7 AND php-debuginfo is earlier than 0:5.4.16-23.el7_0.3

Definition Id: oval:org.mitre.oval:def:20273

Oval ID:	oval:org.mitre.oval:def:20273
Title:	The operating system installed on the system is Red Hat Enterprise Linux 6
Description:	The operating system installed on the system is Red Hat Enterprise Linux 6.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:redhat:enterprise_linux:6	Version:	6
Platform(s):	Red Hat Enterprise Linux 6	Product(s):
Definition Synopsis:
Red Hat Enterprise 6 is installed AND NOT Oracle Linux 6.x is installed
Referenced By:
oval:org.mitre.oval:def:28030 oval:org.mitre.oval:def:28030

Definition Id: oval:org.mitre.oval:def:16337

Oval ID:	oval:org.mitre.oval:def:16337
Title:	The operating system installed on the system is CentOS Linux 6.x
Description:	The operating system installed on the system is CentOS Linux 6.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:centos:centos:6	Version:	5
Platform(s):	CentOS Linux 6	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND CentOS Linux 6.x is installed
Referenced By:
oval:org.mitre.oval:def:28030

Definition Id: oval:org.mitre.oval:def:24953

Oval ID:	oval:org.mitre.oval:def:24953
Title:	The operating system installed on the system is Red Hat Enterprise Linux 7
Description:	The operating system installed on the system is Red Hat Enterprise Linux 7.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:redhat:enterprise_linux:7	Version:	3
Platform(s):	Red Hat Enterprise Linux 7	Product(s):
Definition Synopsis:
Red Hat Enterprise 7 is installed AND NOT Oracle Linux 7.x is installed
Referenced By:
oval:org.mitre.oval:def:28030 oval:org.mitre.oval:def:28030

Definition Id: oval:org.mitre.oval:def:24773

Oval ID:	oval:org.mitre.oval:def:24773
Title:	The operating system installed on the system is CentOS Linux 7.x
Description:	The operating system installed on the system is CentOS Linux 7.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:centos:centos:7	Version:	3
Platform(s):	CentOS Linux 7	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND CentOS Linux 7.x is installed
Referenced By:
oval:org.mitre.oval:def:28030

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0361s

Facebook rss twitter linkedin mail