2.6 - CVE-2014-4721

Executive Summary

Informations
Name	CVE-2014-4721	First vendor Publication	2014-07-06
Vendor	Cve	Last vendor Modification	2023-01-19

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:P/I:N/A:N)
Cvss Base Score	2.6	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	High
Cvss Expoit Score	4.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a "type confusion" vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-200	Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24837

Oval ID:	oval:org.mitre.oval:def:24837
Title:	DSA-2974-1 -- php5 - security update
Description:	Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
Family:	unix	Class:	patch
Reference(s):	DSA-2974-1 CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-4721	Version:	5
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	php5
Definition Synopsis:
Debian 7 Debian 7 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND php5 DPKG is earlier than 0:5.4.4-14+deb7u12

Definition Id: oval:org.mitre.oval:def:25226

Oval ID:	oval:org.mitre.oval:def:25226
Title:	USN-2276-1 -- php5 vulnerabilities
Description:	Several security issues were fixed in PHP.
Family:	unix	Class:	patch
Reference(s):	USN-2276-1 CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-4670 CVE-2014-4698 CVE-2014-4721	Version:	3
Platform(s):	Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	php5
Definition Synopsis:
Ubuntu 14.04 release section Ubuntu 14.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.5.9+dfsg-1ubuntu4.3 AND php5-cgi DPKG is earlier than 0:5.5.9+dfsg-1ubuntu4.3 AND php5-cli DPKG is earlier than 0:5.5.9+dfsg-1ubuntu4.3 AND php5-fpm DPKG is earlier than 0:5.5.9+dfsg-1ubuntu4.3 AND Ubuntu 13.10 release section Ubuntu 13.10 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.6 AND php5-cgi DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.6 AND php5-cli DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.6 AND php5-fpm DPKG is earlier than 0:5.5.3+dfsg-1ubuntu2.6 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.3.10-1ubuntu3.13 AND php5-cgi DPKG is earlier than 0:5.3.10-1ubuntu3.13 AND php5-cli DPKG is earlier than 0:5.3.10-1ubuntu3.13 AND php5-fpm DPKG is earlier than 0:5.3.10-1ubuntu3.13 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed Packages match section libapache2-mod-php5 DPKG is earlier than 0:5.3.2-1ubuntu4.26 AND php5-cgi DPKG is earlier than 0:5.3.2-1ubuntu4.26 AND php5-cli DPKG is earlier than 0:5.3.2-1ubuntu4.26

Definition Id: oval:org.mitre.oval:def:25721

Oval ID:	oval:org.mitre.oval:def:25721
Title:	SUSE-SU-2014:0938-1 -- Security update for PHP 5.3
Description:	PHP 5.3 has been updated to fix several security problems.
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:0938-1 CVE-2014-3515 CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-4670 CVE-2014-4698 CVE-2014-4721	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11	Product(s):	PHP 5.3
Definition Synopsis:
SUSE Linux Enterprise Server 11.x is installed Packages match section apache2-mod_php53 RPM is earlier than 0:5.3.17-0.27.1 AND php53 RPM is earlier than 0:5.3.17-0.27.1 AND php53-bcmath RPM is earlier than 0:5.3.17-0.27.1 AND php53-bz2 RPM is earlier than 0:5.3.17-0.27.1 AND php53-calendar RPM is earlier than 0:5.3.17-0.27.1 AND php53-ctype RPM is earlier than 0:5.3.17-0.27.1 AND php53-curl RPM is earlier than 0:5.3.17-0.27.1 AND php53-dba RPM is earlier than 0:5.3.17-0.27.1 AND php53-dom RPM is earlier than 0:5.3.17-0.27.1 AND php53-exif RPM is earlier than 0:5.3.17-0.27.1 AND php53-fastcgi RPM is earlier than 0:5.3.17-0.27.1 AND php53-fileinfo RPM is earlier than 0:5.3.17-0.27.1 AND php53-ftp RPM is earlier than 0:5.3.17-0.27.1 AND php53-gd RPM is earlier than 0:5.3.17-0.27.1 AND php53-gettext RPM is earlier than 0:5.3.17-0.27.1 AND php53-gmp RPM is earlier than 0:5.3.17-0.27.1 AND php53-iconv RPM is earlier than 0:5.3.17-0.27.1 AND php53-intl RPM is earlier than 0:5.3.17-0.27.1 AND php53-json RPM is earlier than 0:5.3.17-0.27.1 AND php53-ldap RPM is earlier than 0:5.3.17-0.27.1 AND php53-mbstring RPM is earlier than 0:5.3.17-0.27.1 AND php53-mcrypt RPM is earlier than 0:5.3.17-0.27.1 AND php53-mysql RPM is earlier than 0:5.3.17-0.27.1 AND php53-odbc RPM is earlier than 0:5.3.17-0.27.1 AND php53-openssl RPM is earlier than 0:5.3.17-0.27.1 AND php53-pcntl RPM is earlier than 0:5.3.17-0.27.1 AND php53-pdo RPM is earlier than 0:5.3.17-0.27.1 AND php53-pear RPM is earlier than 0:5.3.17-0.27.1 AND php53-pgsql RPM is earlier than 0:5.3.17-0.27.1 AND php53-pspell RPM is earlier than 0:5.3.17-0.27.1 AND php53-shmop RPM is earlier than 0:5.3.17-0.27.1 AND php53-snmp RPM is earlier than 0:5.3.17-0.27.1 AND php53-soap RPM is earlier than 0:5.3.17-0.27.1 AND php53-suhosin RPM is earlier than 0:5.3.17-0.27.1 AND php53-sysvmsg RPM is earlier than 0:5.3.17-0.27.1 AND php53-sysvsem RPM is earlier than 0:5.3.17-0.27.1 AND php53-sysvshm RPM is earlier than 0:5.3.17-0.27.1 AND php53-tokenizer RPM is earlier than 0:5.3.17-0.27.1 AND php53-wddx RPM is earlier than 0:5.3.17-0.27.1 AND php53-xmlreader RPM is earlier than 0:5.3.17-0.27.1 AND php53-xmlrpc RPM is earlier than 0:5.3.17-0.27.1 AND php53-xmlwriter RPM is earlier than 0:5.3.17-0.27.1 AND php53-xsl RPM is earlier than 0:5.3.17-0.27.1 AND php53-zip RPM is earlier than 0:5.3.17-0.27.1 AND php53-zlib RPM is earlier than 0:5.3.17-0.27.1

Definition Id: oval:org.mitre.oval:def:26314

Oval ID:	oval:org.mitre.oval:def:26314
Title:	RHSA-2014:1012: php53 and php security update (Moderate)
Description:	PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP's fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. Multiple denial of service flaws were found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash a PHP application using fileinfo via a specially crafted CDF file. (CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2012-1571) Two denial of service flaws were found in the way the File Information (fileinfo) extension handled indirect and search rules. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to crash or consume an excessive amount of CPU. (CVE-2014-1943, CVE-2014-2270) A heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT records. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query. (CVE-2014-4049) A type confusion issue was found in PHP's phpinfo() function. A malicious script author could possibly use this flaw to disclose certain portions of server memory. (CVE-2014-4721) A buffer over-read flaw was found in the way the DateInterval class parsed interval specifications. An attacker able to make a PHP application parse a specially crafted specification using DateInterval could possibly cause the PHP interpreter to crash. (CVE-2013-6712) A type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize() method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3515) The CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, and CVE-2014-3480 issues were discovered by Francisco Alonso of Red Hat Product Security. All php53 and php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1012-00 CESA-2014:1012 CVE-2012-1571 CVE-2013-6712 CVE-2014-0237 CVE-2014-0238 CVE-2014-1943 CVE-2014-2270 CVE-2014-3479 CVE-2014-3480 CVE-2014-3515 CVE-2014-4049 CVE-2014-4721	Version:	3
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6	Product(s):	php53 php
Definition Synopsis:
Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section php53 is earlier than 0:5.3.3-23.el5_10 AND php53-bcmath is earlier than 0:5.3.3-23.el5_10 AND php53-cli is earlier than 0:5.3.3-23.el5_10 AND php53-common is earlier than 0:5.3.3-23.el5_10 AND php53-dba is earlier than 0:5.3.3-23.el5_10 AND php53-devel is earlier than 0:5.3.3-23.el5_10 AND php53-gd is earlier than 0:5.3.3-23.el5_10 AND php53-imap is earlier than 0:5.3.3-23.el5_10 AND php53-intl is earlier than 0:5.3.3-23.el5_10 AND php53-ldap is earlier than 0:5.3.3-23.el5_10 AND php53-mbstring is earlier than 0:5.3.3-23.el5_10 AND php53-mysql is earlier than 0:5.3.3-23.el5_10 AND php53-odbc is earlier than 0:5.3.3-23.el5_10 AND php53-pdo is earlier than 0:5.3.3-23.el5_10 AND php53-pgsql is earlier than 0:5.3.3-23.el5_10 AND php53-process is earlier than 0:5.3.3-23.el5_10 AND php53-pspell is earlier than 0:5.3.3-23.el5_10 AND php53-snmp is earlier than 0:5.3.3-23.el5_10 AND php53-soap is earlier than 0:5.3.3-23.el5_10 AND php53-xml is earlier than 0:5.3.3-23.el5_10 AND php53-xmlrpc is earlier than 0:5.3.3-23.el5_10 AND Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section php is earlier than 0:5.3.3-27.el6_5.1 AND php-bcmath is earlier than 0:5.3.3-27.el6_5.1 AND php-cli is earlier than 0:5.3.3-27.el6_5.1 AND php-common is earlier than 0:5.3.3-27.el6_5.1 AND php-dba is earlier than 0:5.3.3-27.el6_5.1 AND php-devel is earlier than 0:5.3.3-27.el6_5.1 AND php-embedded is earlier than 0:5.3.3-27.el6_5.1 AND php-enchant is earlier than 0:5.3.3-27.el6_5.1 AND php-fpm is earlier than 0:5.3.3-27.el6_5.1 AND php-gd is earlier than 0:5.3.3-27.el6_5.1 AND php-imap is earlier than 0:5.3.3-27.el6_5.1 AND php-intl is earlier than 0:5.3.3-27.el6_5.1 AND php-ldap is earlier than 0:5.3.3-27.el6_5.1 AND php-mbstring is earlier than 0:5.3.3-27.el6_5.1 AND php-mysql is earlier than 0:5.3.3-27.el6_5.1 AND php-odbc is earlier than 0:5.3.3-27.el6_5.1 AND php-pdo is earlier than 0:5.3.3-27.el6_5.1 AND php-pgsql is earlier than 0:5.3.3-27.el6_5.1 AND php-process is earlier than 0:5.3.3-27.el6_5.1 AND php-pspell is earlier than 0:5.3.3-27.el6_5.1 AND php-recode is earlier than 0:5.3.3-27.el6_5.1 AND php-snmp is earlier than 0:5.3.3-27.el6_5.1 AND php-soap is earlier than 0:5.3.3-27.el6_5.1 AND php-tidy is earlier than 0:5.3.3-27.el6_5.1 AND php-xml is earlier than 0:5.3.3-27.el6_5.1 AND php-xmlrpc is earlier than 0:5.3.3-27.el6_5.1 AND php-zts is earlier than 0:5.3.3-27.el6_5.1

Definition Id: oval:org.mitre.oval:def:26421

Oval ID:	oval:org.mitre.oval:def:26421
Title:	RHSA-2014:1013: php security update (Moderate)
Description:	PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP's fileinfo module provides functions used to identify a particular file according to the type of data contained by the file. A denial of service flaw was found in the File Information (fileinfo) extension rules for detecting AWK files. A remote attacker could use this flaw to cause a PHP application using fileinfo to consume an excessive amount of CPU. (CVE-2013-7345) Multiple denial of service flaws were found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash a PHP application using fileinfo via a specially crafted CDF file. (CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487) A heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT records. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query. (CVE-2014-4049) A type confusion issue was found in PHP's phpinfo() function. A malicious script author could possibly use this flaw to disclose certain portions of server memory. (CVE-2014-4721) A type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize() method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3515) The CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, and CVE-2014-3487 issues were discovered by Francisco Alonso of Red Hat Product Security. All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1013-00 CESA-2014:1013 CVE-2013-7345 CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-4049 CVE-2014-4721	Version:	3
Platform(s):	Red Hat Enterprise Linux 7 CentOS Linux 7	Product(s):	php
Definition Synopsis:
Redhat 7 or Centos 7 release The operating system installed on the system is Red Hat Enterprise Linux 7 AND The operating system installed on the system is CentOS Linux 7.x Packages section php is earlier than 0:5.4.16-23.el7_0 AND php-bcmath is earlier than 0:5.4.16-23.el7_0 AND php-cli is earlier than 0:5.4.16-23.el7_0 AND php-common is earlier than 0:5.4.16-23.el7_0 AND php-dba is earlier than 0:5.4.16-23.el7_0 AND php-devel is earlier than 0:5.4.16-23.el7_0 AND php-embedded is earlier than 0:5.4.16-23.el7_0 AND php-enchant is earlier than 0:5.4.16-23.el7_0 AND php-fpm is earlier than 0:5.4.16-23.el7_0 AND php-gd is earlier than 0:5.4.16-23.el7_0 AND php-intl is earlier than 0:5.4.16-23.el7_0 AND php-ldap is earlier than 0:5.4.16-23.el7_0 AND php-mbstring is earlier than 0:5.4.16-23.el7_0 AND php-mysql is earlier than 0:5.4.16-23.el7_0 AND php-mysqlnd is earlier than 0:5.4.16-23.el7_0 AND php-odbc is earlier than 0:5.4.16-23.el7_0 AND php-pdo is earlier than 0:5.4.16-23.el7_0 AND php-pgsql is earlier than 0:5.4.16-23.el7_0 AND php-process is earlier than 0:5.4.16-23.el7_0 AND php-pspell is earlier than 0:5.4.16-23.el7_0 AND php-recode is earlier than 0:5.4.16-23.el7_0 AND php-snmp is earlier than 0:5.4.16-23.el7_0 AND php-soap is earlier than 0:5.4.16-23.el7_0 AND php-xml is earlier than 0:5.4.16-23.el7_0 AND php-xmlrpc is earlier than 0:5.4.16-23.el7_0

Definition Id: oval:org.mitre.oval:def:26721

Oval ID:	oval:org.mitre.oval:def:26721
Title:	ELSA-2014-1013 -- php security update (moderate)
Description:	[5.4.16-23] - fileinfo: cdf_unpack_summary_info() excessive looping DoS. CVE-2014-0237 - fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238 - fileinfo: cdf_check_stream_offset insufficient boundary check. CVE-2014-3479 - fileinfo: cdf_count_chain insufficient boundary check CVE-2014-3480 - fileinfo: cdf_read_short_sector insufficient boundary check. CVE-2014-0207 - fileinfo: cdf_read_property_info insufficient boundary check. CVE-2014-3487 - fileinfo: fix extensive backtracking CVE-2013-7345 - core: type confusion issue in phpinfo(). CVE-2014-4721 - core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049 - core: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw. CVE-2014-3515
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1013 CVE-2013-7345 CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-4049 CVE-2014-4721	Version:	3
Platform(s):	Oracle Linux 7	Product(s):	php
Definition Synopsis:
Oracle Linux 7.x Packages match section php is earlier than 0:5.4.16-23.el7_0 AND php-bcmath is earlier than 0:5.4.16-23.el7_0 AND php-cli is earlier than 0:5.4.16-23.el7_0 AND php-common is earlier than 0:5.4.16-23.el7_0 AND php-dba is earlier than 0:5.4.16-23.el7_0 AND php-devel is earlier than 0:5.4.16-23.el7_0 AND php-embedded is earlier than 0:5.4.16-23.el7_0 AND php-enchant is earlier than 0:5.4.16-23.el7_0 AND php-fpm is earlier than 0:5.4.16-23.el7_0 AND php-gd is earlier than 0:5.4.16-23.el7_0 AND php-intl is earlier than 0:5.4.16-23.el7_0 AND php-ldap is earlier than 0:5.4.16-23.el7_0 AND php-mbstring is earlier than 0:5.4.16-23.el7_0 AND php-mysql is earlier than 0:5.4.16-23.el7_0 AND php-mysqlnd is earlier than 0:5.4.16-23.el7_0 AND php-odbc is earlier than 0:5.4.16-23.el7_0 AND php-pdo is earlier than 0:5.4.16-23.el7_0 AND php-pgsql is earlier than 0:5.4.16-23.el7_0 AND php-process is earlier than 0:5.4.16-23.el7_0 AND php-pspell is earlier than 0:5.4.16-23.el7_0 AND php-recode is earlier than 0:5.4.16-23.el7_0 AND php-snmp is earlier than 0:5.4.16-23.el7_0 AND php-soap is earlier than 0:5.4.16-23.el7_0 AND php-xml is earlier than 0:5.4.16-23.el7_0 AND php-xmlrpc is earlier than 0:5.4.16-23.el7_0

CPE : Common Platform Enumeration

Type	Description	Count
Application	Php cpe:2.3:a:php:php:5.5.9:-:::::: cpe:2.3:a:php:php:5.5.9:rc1:::::: cpe:2.3:a:php:php:5.5.8:-:::::: cpe:2.3:a:php:php:5.5.8:rc1:::::: cpe:2.3:a:php:php:5.5.7:-:::::: cpe:2.3:a:php:php:5.5.7:rc1:::::: cpe:2.3:a:php:php:5.5.6:-:::::: cpe:2.3:a:php:php:5.5.6:rc1:::::: cpe:2.3:a:php:php:5.5.5:-:::::: cpe:2.3:a:php:php:5.5.5:rc1:::::: cpe:2.3:a:php:php:5.5.4:-:::::: cpe:2.3:a:php:php:5.5.4:rc1:::::: cpe:2.3:a:php:php:5.5.3:::::::* cpe:2.3:a:php:php:5.5.2:-:::::: cpe:2.3:a:php:php:5.5.2:rc1:::::: cpe:2.3:a:php:php:5.5.13:-:::::: cpe:2.3:a:php:php:5.5.13:rc1:::::: cpe:2.3:a:php:php:5.5.12:-:::::: cpe:2.3:a:php:php:5.5.12:rc1:::::: cpe:2.3:a:php:php:5.5.11:-:::::: cpe:2.3:a:php:php:5.5.11:rc1:::::: cpe:2.3:a:php:php:5.5.10:-:::::: cpe:2.3:a:php:php:5.5.10:rc1:::::: cpe:2.3:a:php:php:5.5.1:::::::* cpe:2.3:a:php:php:5.5.0:alpha1:::::: cpe:2.3:a:php:php:5.5.0:beta4:::::: cpe:2.3:a:php:php:5.5.0:alpha6:::::: cpe:2.3:a:php:php:5.5.0:alpha2:::::: cpe:2.3:a:php:php:5.5.0:alpha5:::::: cpe:2.3:a:php:php:5.5.0:beta3:::::: cpe:2.3:a:php:php:5.5.0:beta2:::::: cpe:2.3:a:php:php:5.5.0:rc1:::::: cpe:2.3:a:php:php:5.5.0:alpha4:::::: cpe:2.3:a:php:php:5.5.0:beta1:::::: cpe:2.3:a:php:php:5.5.0:alpha3:::::: cpe:2.3:a:php:php:5.5.0:rc2:::::: cpe:2.3:a:php:php:5.5.0:-:::::: cpe:2.3:a:php:php:5.5.0:rc3:::::: cpe:2.3:a:php:php:5.4.9:-:::::: cpe:2.3:a:php:php:5.4.9:rc1:::::: cpe:2.3:a:php:php:5.4.8:-:::::: cpe:2.3:a:php:php:5.4.8:rc1:::::: cpe:2.3:a:php:php:5.4.7:-:::::: cpe:2.3:a:php:php:5.4.7:rc1:::::: cpe:2.3:a:php:php:5.4.6:-:::::: cpe:2.3:a:php:php:5.4.6:rc1:::::: cpe:2.3:a:php:php:5.4.5:-:::::: cpe:2.3:a:php:php:5.4.5:rc1:::::: cpe:2.3:a:php:php:5.4.45:::::::* cpe:2.3:a:php:php:5.4.44:::::::* cpe:2.3:a:php:php:5.4.43:::::::* cpe:2.3:a:php:php:5.4.42:::::::* cpe:2.3:a:php:php:5.4.41:::::::* cpe:2.3:a:php:php:5.4.40:::::::* cpe:2.3:a:php:php:5.4.4:-:::::: cpe:2.3:a:php:php:5.4.4:rc1:::::: cpe:2.3:a:php:php:5.4.4:rc2:::::: cpe:2.3:a:php:php:5.4.39:::::::* cpe:2.3:a:php:php:5.4.38:::::::* cpe:2.3:a:php:php:5.4.37:::::::* cpe:2.3:a:php:php:5.4.36:::::::* cpe:2.3:a:php:php:5.4.35:::::::* cpe:2.3:a:php:php:5.4.34:::::::* cpe:2.3:a:php:php:5.4.33:-:::::: cpe:2.3:a:php:php:5.4.33:rc1:::::: cpe:2.3:a:php:php:5.4.32:-:::::: cpe:2.3:a:php:php:5.4.32:rc1:::::: cpe:2.3:a:php:php:5.4.31:-:::::: cpe:2.3:a:php:php:5.4.31:rc1:::::: cpe:2.3:a:php:php:5.4.30:-:::::: cpe:2.3:a:php:php:5.4.30:rc1:::::: cpe:2.3:a:php:php:5.4.3:::::::* cpe:2.3:a:php:php:5.4.29:-:::::: cpe:2.3:a:php:php:5.4.29:rc1:::::: cpe:2.3:a:php:php:5.4.28:-:::::: cpe:2.3:a:php:php:5.4.28:rc1:::::: cpe:2.3:a:php:php:5.4.27:-:::::: cpe:2.3:a:php:php:5.4.27:rc1:::::: cpe:2.3:a:php:php:5.4.26:-:::::: cpe:2.3:a:php:php:5.4.26:rc1:::::: cpe:2.3:a:php:php:5.4.25:-:::::: cpe:2.3:a:php:php:5.4.25:rc1:::::: cpe:2.3:a:php:php:5.4.24:-:::::: cpe:2.3:a:php:php:5.4.24:rc1:::::: cpe:2.3:a:php:php:5.4.23:-:::::: cpe:2.3:a:php:php:5.4.23:rc1:::::: cpe:2.3:a:php:php:5.4.22:-:::::: cpe:2.3:a:php:php:5.4.22:rc1:::::: cpe:2.3:a:php:php:5.4.21:-:::::: cpe:2.3:a:php:php:5.4.21:rc1:::::: cpe:2.3:a:php:php:5.4.20:-:::::: cpe:2.3:a:php:php:5.4.20:rc1:::::: cpe:2.3:a:php:php:5.4.2:::::::* cpe:2.3:a:php:php:5.4.19:::::::* cpe:2.3:a:php:php:5.4.18:-:::::: cpe:2.3:a:php:php:5.4.18:rc1:::::: cpe:2.3:a:php:php:5.4.18:rc2:::::: cpe:2.3:a:php:php:5.4.17:-:::::: cpe:2.3:a:php:php:5.4.17:rc1:::::: cpe:2.3:a:php:php:5.4.16:rc1:::::: cpe:2.3:a:php:php:5.4.16:-:::::: cpe:2.3:a:php:php:5.4.15:rc1:::::: cpe:2.3:a:php:php:5.4.15:-:::::: cpe:2.3:a:php:php:5.4.14:rc1:::::: cpe:2.3:a:php:php:5.4.14:-:::::: cpe:2.3:a:php:php:5.4.13:rc1:::::: cpe:2.3:a:php:php:5.4.13:-:::::: cpe:2.3:a:php:php:5.4.12:rc2:::::: cpe:2.3:a:php:php:5.4.12:rc1:::::: cpe:2.3:a:php:php:5.4.12:-:::::: cpe:2.3:a:php:php:5.4.11:-:::::: cpe:2.3:a:php:php:5.4.11:rc1:::::: cpe:2.3:a:php:php:5.4.10:-:::::: cpe:2.3:a:php:php:5.4.10:rc1:::::: cpe:2.3:a:php:php:5.4.1:::::::* cpe:2.3:a:php:php:5.4.1:rc1:::::: cpe:2.3:a:php:php:5.4.1:rc2:::::: cpe:2.3:a:php:php:5.4.0:beta2:::::: cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::* cpe:2.3:a:php:php:5.4.0:rc2:::::: cpe:2.3:a:php:php:5.4.0:-:::::: cpe:2.3:a:php:php:5.4.0:alpha1:::::: cpe:2.3:a:php:php:5.4.0:alpha2:::::: cpe:2.3:a:php:php:5.4.0:alpha3:::::: cpe:2.3:a:php:php:5.4.0:beta1:::::: cpe:2.3:a:php:php:5.4.0:rc1:::::: cpe:2.3:a:php:php:5.4.0:rc3:::::: cpe:2.3:a:php:php:5.4.0:rc4:::::: cpe:2.3:a:php:php:5.4.0:rc5:::::: cpe:2.3:a:php:php:5.4.0:rc6:::::: cpe:2.3:a:php:php:5.4.0:rc7:::::: cpe:2.3:a:php:php:5.4.0:rc8:::::: cpe:2.3:a:php:php:5.3.9:-:::::: cpe:2.3:a:php:php:5.3.9:rc1:::::: cpe:2.3:a:php:php:5.3.9:rc2:::::: cpe:2.3:a:php:php:5.3.9:rc3:::::: cpe:2.3:a:php:php:5.3.9:rc4:::::: cpe:2.3:a:php:php:5.3.8:::::::* cpe:2.3:a:php:php:5.3.7:-:::::: cpe:2.3:a:php:php:5.3.7:rc1:::::: cpe:2.3:a:php:php:5.3.7:rc2:::::: cpe:2.3:a:php:php:5.3.7:rc3:::::: cpe:2.3:a:php:php:5.3.7:rc4:::::: cpe:2.3:a:php:php:5.3.7:rc5:::::: cpe:2.3:a:php:php:5.3.6:::::::* cpe:2.3:a:php:php:5.3.6:rc1:::::: cpe:2.3:a:php:php:5.3.6:rc2:::::: cpe:2.3:a:php:php:5.3.6:rc3:::::: cpe:2.3:a:php:php:5.3.5:::::::* cpe:2.3:a:php:php:5.3.4:-:::::: cpe:2.3:a:php:php:5.3.4:rc1:::::: cpe:2.3:a:php:php:5.3.4:rc2:::::: cpe:2.3:a:php:php:5.3.3:-:::::: cpe:2.3:a:php:php:5.3.3:rc1:::::: cpe:2.3:a:php:php:5.3.3:rc2:::::: cpe:2.3:a:php:php:5.3.3:rc3:::::: cpe:2.3:a:php:php:5.3.29:-:::::: cpe:2.3:a:php:php:5.3.29:rc1:::::: cpe:2.3:a:php:php:5.3.28:::::::* cpe:2.3:a:php:php:5.3.27:-:::::: cpe:2.3:a:php:php:5.3.27:rc1:::::: cpe:2.3:a:php:php:5.3.26:-:::::: cpe:2.3:a:php:php:5.3.26:rc1:::::: cpe:2.3:a:php:php:5.3.25:-:::::: cpe:2.3:a:php:php:5.3.25:rc1:::::: cpe:2.3:a:php:php:5.3.24:-:::::: cpe:2.3:a:php:php:5.3.24:rc1:::::: cpe:2.3:a:php:php:5.3.23:-:::::: cpe:2.3:a:php:php:5.3.23:rc1:::::: cpe:2.3:a:php:php:5.3.22:-:::::: cpe:2.3:a:php:php:5.3.22:rc1:::::: cpe:2.3:a:php:php:5.3.22:rc2:::::: cpe:2.3:a:php:php:5.3.21:-:::::: cpe:2.3:a:php:php:5.3.21:rc1:::::: cpe:2.3:a:php:php:5.3.20:-:::::: cpe:2.3:a:php:php:5.3.20:rc1:::::: cpe:2.3:a:php:php:5.3.2:-:::::: cpe:2.3:a:php:php:5.3.2:rc1:::::: cpe:2.3:a:php:php:5.3.2:rc2:::::: cpe:2.3:a:php:php:5.3.2:rc3:::::: cpe:2.3:a:php:php:5.3.19:-:::::: cpe:2.3:a:php:php:5.3.19:rc1:::::: cpe:2.3:a:php:php:5.3.18:-:::::: cpe:2.3:a:php:php:5.3.18:rc1:::::: cpe:2.3:a:php:php:5.3.17:::::::* cpe:2.3:a:php:php:5.3.16:::::::* cpe:2.3:a:php:php:5.3.15:-:::::: cpe:2.3:a:php:php:5.3.15:rc1:::::: cpe:2.3:a:php:php:5.3.14:-:::::: cpe:2.3:a:php:php:5.3.14:rc1:::::: cpe:2.3:a:php:php:5.3.14:rc2:::::: cpe:2.3:a:php:php:5.3.13:::::::* cpe:2.3:a:php:php:5.3.12:::::::* cpe:2.3:a:php:php:5.3.11:-:::::: cpe:2.3:a:php:php:5.3.11:rc1:::::: cpe:2.3:a:php:php:5.3.11:rc2:::::: cpe:2.3:a:php:php:5.3.10:::::::* cpe:2.3:a:php:php:5.3.1:-:::::: cpe:2.3:a:php:php:5.3.1:rc1:::::: cpe:2.3:a:php:php:5.3.1:rc2:::::: cpe:2.3:a:php:php:5.3.1:rc3:::::: cpe:2.3:a:php:php:5.3.1:rc4:::::: cpe:2.3:a:php:php:5.3.0:-:::::: cpe:2.3:a:php:php:5.3.0:alpha1:::::: cpe:2.3:a:php:php:5.3.0:alpha2:::::: cpe:2.3:a:php:php:5.3.0:alpha3:::::: cpe:2.3:a:php:php:5.3.0:beta1:::::: cpe:2.3:a:php:php:5.3.0:rc1:::::: cpe:2.3:a:php:php:5.3.0:rc2:::::: cpe:2.3:a:php:php:5.3.0:rc3:::::: cpe:2.3:a:php:php:5.3.0:rc4:::::: cpe:2.3:a:php:php:5.2.9:-:::::: cpe:2.3:a:php:php:5.2.9:rc1:::::: cpe:2.3:a:php:php:5.2.9:rc2:::::: cpe:2.3:a:php:php:5.2.9:rc3:::::: cpe:2.3:a:php:php:5.2.8:::::::* cpe:2.3:a:php:php:5.2.7:-:::::: cpe:2.3:a:php:php:5.2.7:rc1:::::: cpe:2.3:a:php:php:5.2.7:rc2:::::: cpe:2.3:a:php:php:5.2.7:rc3:::::: cpe:2.3:a:php:php:5.2.7:rc4:::::: cpe:2.3:a:php:php:5.2.7:rc5:::::: cpe:2.3:a:php:php:5.2.6:-:::::: cpe:2.3:a:php:php:5.2.6:rc1:::::: cpe:2.3:a:php:php:5.2.6:rc2:::::: cpe:2.3:a:php:php:5.2.6:rc3:::::: cpe:2.3:a:php:php:5.2.6:rc4:::::: cpe:2.3:a:php:php:5.2.6:rc5:::::: cpe:2.3:a:php:php:5.2.5:-:::::: cpe:2.3:a:php:php:5.2.5:rc1:::::: cpe:2.3:a:php:php:5.2.5:rc2:::::: cpe:2.3:a:php:php:5.2.4::windows::::: cpe:2.3:a:php:php:5.2.4:-:::::: cpe:2.3:a:php:php:5.2.4:rc1:::::: cpe:2.3:a:php:php:5.2.4:rc2:::::: cpe:2.3:a:php:php:5.2.4:rc3:::::: cpe:2.3:a:php:php:5.2.3:-:::::: cpe:2.3:a:php:php:5.2.3:rc1:::::: cpe:2.3:a:php:php:5.2.2:-:::::: cpe:2.3:a:php:php:5.2.2:rc1:::::: cpe:2.3:a:php:php:5.2.2:rc2:::::: cpe:2.3:a:php:php:5.2.17:::::::* cpe:2.3:a:php:php:5.2.16:::::::* cpe:2.3:a:php:php:5.2.15:-:::::: cpe:2.3:a:php:php:5.2.15:rc1:::::: cpe:2.3:a:php:php:5.2.15:rc2:::::: cpe:2.3:a:php:php:5.2.14:-:::::: cpe:2.3:a:php:php:5.2.14:rc1:::::: cpe:2.3:a:php:php:5.2.14:rc2:::::: cpe:2.3:a:php:php:5.2.14:rc3:::::: cpe:2.3:a:php:php:5.2.13:-:::::: cpe:2.3:a:php:php:5.2.13:rc1:::::: cpe:2.3:a:php:php:5.2.13:rc2:::::: cpe:2.3:a:php:php:5.2.12:-:::::: cpe:2.3:a:php:php:5.2.12:rc1:::::: cpe:2.3:a:php:php:5.2.12:rc2:::::: cpe:2.3:a:php:php:5.2.12:rc3:::::: cpe:2.3:a:php:php:5.2.12:rc4:::::: cpe:2.3:a:php:php:5.2.11:-:::::: cpe:2.3:a:php:php:5.2.11:rc1:::::: cpe:2.3:a:php:php:5.2.11:rc2:::::: cpe:2.3:a:php:php:5.2.11:rc3:::::: cpe:2.3:a:php:php:5.2.10:-:::::: cpe:2.3:a:php:php:5.2.10:rc1:::::: cpe:2.3:a:php:php:5.2.10:rc2:::::: cpe:2.3:a:php:php:5.2.1:-:::::: cpe:2.3:a:php:php:5.2.1:rc1:::::: cpe:2.3:a:php:php:5.2.1:rc2:::::: cpe:2.3:a:php:php:5.2.1:rc3:::::: cpe:2.3:a:php:php:5.2.1:rc4:::::: cpe:2.3:a:php:php:5.2.0:::::::* cpe:2.3:a:php:php:5.2.0:rc1:::::: cpe:2.3:a:php:php:5.2.0:rc2:::::: cpe:2.3:a:php:php:5.2.0:rc3:::::: cpe:2.3:a:php:php:5.2.0:rc4:::::: cpe:2.3:a:php:php:5.2.0:rc5:::::: cpe:2.3:a:php:php:5.2.0:rc6:::::: cpe:2.3:a:php:php:5.1.6:::::::* cpe:2.3:a:php:php:5.1.5:-:::::: cpe:2.3:a:php:php:5.1.5:rc1:::::: cpe:2.3:a:php:php:5.1.4:::::::* cpe:2.3:a:php:php:5.1.3:::::::* cpe:2.3:a:php:php:5.1.3:rc1:::::: cpe:2.3:a:php:php:5.1.3:rc2:::::: cpe:2.3:a:php:php:5.1.3:rc3:::::: cpe:2.3:a:php:php:5.1.2:-:::::: cpe:2.3:a:php:php:5.1.2:rc1:::::: cpe:2.3:a:php:php:5.1.2:rc2:::::: cpe:2.3:a:php:php:5.1.1:::::::* cpe:2.3:a:php:php:5.1.0:-:::::: cpe:2.3:a:php:php:5.1.0:beta1:::::: cpe:2.3:a:php:php:5.1.0:beta2:::::: cpe:2.3:a:php:php:5.1.0:beta3:::::: cpe:2.3:a:php:php:5.1.0:rc1:::::: cpe:2.3:a:php:php:5.1.0:rc2:::::: cpe:2.3:a:php:php:5.1.0:rc2-pre:::::: cpe:2.3:a:php:php:5.1.0:rc3:::::: cpe:2.3:a:php:php:5.1.0:rc4:::::: cpe:2.3:a:php:php:5.1.0:rc5:::::: cpe:2.3:a:php:php:5.1.0:rc6:::::: cpe:2.3:a:php:php:5.0.5:-:::::: cpe:2.3:a:php:php:5.0.5:rc1:::::: cpe:2.3:a:php:php:5.0.5:rc2:::::: cpe:2.3:a:php:php:5.0.4:-:::::: cpe:2.3:a:php:php:5.0.4:rc1:::::: cpe:2.3:a:php:php:5.0.4:rc2:::::: cpe:2.3:a:php:php:5.0.3:-:::::: cpe:2.3:a:php:php:5.0.3:rc1:::::: cpe:2.3:a:php:php:5.0.3:rc2:::::: cpe:2.3:a:php:php:5.0.2:-:::::: cpe:2.3:a:php:php:5.0.2:rc1:::::: cpe:2.3:a:php:php:5.0.1:-:::::: cpe:2.3:a:php:php:5.0.1:beta1:::::: cpe:2.3:a:php:php:5.0.1:rc1:::::: cpe:2.3:a:php:php:5.0.1:rc2:::::: cpe:2.3:a:php:php:5.0.0:beta3:::::: cpe:2.3:a:php:php:5.0.0:rc3:::::: cpe:2.3:a:php:php:5.0.0:beta1:::::: cpe:2.3:a:php:php:5.0.0:beta4:::::: cpe:2.3:a:php:php:5.0.0:rc1:::::: cpe:2.3:a:php:php:5.0.0:beta2:::::: cpe:2.3:a:php:php:5.0.0:rc2:::::: cpe:2.3:a:php:php:5.0.0:-:::::: cpe:2.3:a:php:php:5.0:rc1:::::: cpe:2.3:a:php:php:5.0:rc3:::::: cpe:2.3:a:php:php:5.0:rc2:::::: cpe:2.3:a:php:php:5:::::::* cpe:2.3:a:php:php:4.4.9:-:::::: cpe:2.3:a:php:php:4.4.9:rc1:::::: cpe:2.3:a:php:php:4.4.8:-:::::: cpe:2.3:a:php:php:4.4.8:rc1:::::: cpe:2.3:a:php:php:4.4.7:-:::::: cpe:2.3:a:php:php:4.4.7:rc1:::::: cpe:2.3:a:php:php:4.4.6:-:::::: cpe:2.3:a:php:php:4.4.6:rc1:::::: cpe:2.3:a:php:php:4.4.5:-:::::: cpe:2.3:a:php:php:4.4.5:rc1:::::: cpe:2.3:a:php:php:4.4.5:rc2:::::: cpe:2.3:a:php:php:4.4.4:-:::::: cpe:2.3:a:php:php:4.4.4:rc1:::::: cpe:2.3:a:php:php:4.4.3:-:::::: cpe:2.3:a:php:php:4.4.3:rc1:::::: cpe:2.3:a:php:php:4.4.3:rc2:::::: cpe:2.3:a:php:php:4.4.2:-:::::: cpe:2.3:a:php:php:4.4.2:rc1:::::: cpe:2.3:a:php:php:4.4.2:rc2:::::: cpe:2.3:a:php:php:4.4.1:-:::::: cpe:2.3:a:php:php:4.4.1:rc1:::::: cpe:2.3:a:php:php:4.4.0:-:::::: cpe:2.3:a:php:php:4.4.0:rc1:::::: cpe:2.3:a:php:php:4.4.0:rc2:::::: cpe:2.3:a:php:php:4.3.9:::::::* cpe:2.3:a:php:php:4.3.9:rc1:::::: cpe:2.3:a:php:php:4.3.9:rc2:::::: cpe:2.3:a:php:php:4.3.9:rc3:::::: cpe:2.3:a:php:php:4.3.8:::::::* cpe:2.3:a:php:php:4.3.7:-:::::: cpe:2.3:a:php:php:4.3.7:rc1:::::: cpe:2.3:a:php:php:4.3.6:-:::::: cpe:2.3:a:php:php:4.3.6:rc1:::::: cpe:2.3:a:php:php:4.3.6:rc2:::::: cpe:2.3:a:php:php:4.3.6:rc3:::::: cpe:2.3:a:php:php:4.3.5:-:::::: cpe:2.3:a:php:php:4.3.5:rc1:::::: cpe:2.3:a:php:php:4.3.5:rc2:::::: cpe:2.3:a:php:php:4.3.5:rc3:::::: cpe:2.3:a:php:php:4.3.5:rc4:::::: cpe:2.3:a:php:php:4.3.4:-:::::: cpe:2.3:a:php:php:4.3.4:rc1:::::: cpe:2.3:a:php:php:4.3.4:rc2:::::: cpe:2.3:a:php:php:4.3.4:rc3:::::: cpe:2.3:a:php:php:4.3.3:-:::::: cpe:2.3:a:php:php:4.3.3:rc1:::::: cpe:2.3:a:php:php:4.3.3:rc2:::::: cpe:2.3:a:php:php:4.3.3:rc3:::::: cpe:2.3:a:php:php:4.3.3:rc4:::::: cpe:2.3:a:php:php:4.3.2:-:::::: cpe:2.3:a:php:php:4.3.2:rc1:::::: cpe:2.3:a:php:php:4.3.2:rc2:::::: cpe:2.3:a:php:php:4.3.2:rc3:::::: cpe:2.3:a:php:php:4.3.2:rc4:::::: cpe:2.3:a:php:php:4.3.11:-:::::: cpe:2.3:a:php:php:4.3.11:rc1:::::: cpe:2.3:a:php:php:4.3.11:rc2:::::: cpe:2.3:a:php:php:4.3.10:-:::::: cpe:2.3:a:php:php:4.3.10:rc1:::::: cpe:2.3:a:php:php:4.3.10:rc2:::::: cpe:2.3:a:php:php:4.3.1:::::::* cpe:2.3:a:php:php:4.3.0:-:::::: cpe:2.3:a:php:php:4.3.0:alpha1:::::: cpe:2.3:a:php:php:4.3.0:alpha2:::::: cpe:2.3:a:php:php:4.3.0:alpha3:::::: cpe:2.3:a:php:php:4.3.0:dev:::::: cpe:2.3:a:php:php:4.3.0:pre1:::::: cpe:2.3:a:php:php:4.3.0:pre2:::::: cpe:2.3:a:php:php:4.3.0:rc1:::::: cpe:2.3:a:php:php:4.3.0:rc2:::::: cpe:2.3:a:php:php:4.3.0:rc3:::::: cpe:2.3:a:php:php:4.3.0:rc4:::::: cpe:2.3:a:php:php:4.2.3:-:::::: cpe:2.3:a:php:php:4.2.3:rc1:::::: cpe:2.3:a:php:php:4.2.3:rc2:::::: cpe:2.3:a:php:php:4.2.2:::::::* cpe:2.3:a:php:php:4.2.1:-:::::: cpe:2.3:a:php:php:4.2.1:rc1:::::: cpe:2.3:a:php:php:4.2.1:rc2:::::: cpe:2.3:a:php:php:4.2.0:-:::::: cpe:2.3:a:php:php:4.2.0:rc1:::::: cpe:2.3:a:php:php:4.2.0:rc2:::::: cpe:2.3:a:php:php:4.2.0:rc3:::::: cpe:2.3:a:php:php:4.2.0:rc4:::::: cpe:2.3:a:php:php:4.2::dev::::: cpe:2.3:a:php:php:4.1.2:::::::* cpe:2.3:a:php:php:4.1.1:::::::* cpe:2.3:a:php:php:4.1.0:-:::::: cpe:2.3:a:php:php:4.1.0:rc1:::::: cpe:2.3:a:php:php:4.1.0:rc2:::::: cpe:2.3:a:php:php:4.1.0:rc3:::::: cpe:2.3:a:php:php:4.1.0:rc4:::::: cpe:2.3:a:php:php:4.1.0:rc5:::::: cpe:2.3:a:php:php:4.0.7:rc3:::::: cpe:2.3:a:php:php:4.0.7:rc2:::::: cpe:2.3:a:php:php:4.0.7:rc4:::::: cpe:2.3:a:php:php:4.0.7:rc1:::::: cpe:2.3:a:php:php:4.0.7:-:::::: cpe:2.3:a:php:php:4.0.6:-:::::: cpe:2.3:a:php:php:4.0.6:rc1:::::: cpe:2.3:a:php:php:4.0.6:rc2:::::: cpe:2.3:a:php:php:4.0.6:rc3:::::: cpe:2.3:a:php:php:4.0.6:rc4:::::: cpe:2.3:a:php:php:4.0.5:-:::::: cpe:2.3:a:php:php:4.0.5:rc1:::::: cpe:2.3:a:php:php:4.0.5:rc2:::::: cpe:2.3:a:php:php:4.0.5:rc3:::::: cpe:2.3:a:php:php:4.0.5:rc4:::::: cpe:2.3:a:php:php:4.0.5:rc5:::::: cpe:2.3:a:php:php:4.0.5:rc6:::::: cpe:2.3:a:php:php:4.0.5:rc7:::::: cpe:2.3:a:php:php:4.0.5:rc8:::::: cpe:2.3:a:php:php:4.0.4pl1:::::::* cpe:2.3:a:php:php:4.0.4:patch1:::::: cpe:2.3:a:php:php:4.0.4:-:::::: cpe:2.3:a:php:php:4.0.4:rc1:::::: cpe:2.3:a:php:php:4.0.4:rc2:::::: cpe:2.3:a:php:php:4.0.4:rc3:::::: cpe:2.3:a:php:php:4.0.4:rc4:::::: cpe:2.3:a:php:php:4.0.4:rc5:::::: cpe:2.3:a:php:php:4.0.4:rc6:::::: cpe:2.3:a:php:php:4.0.3:::::::* cpe:2.3:a:php:php:4.0.3:patch1:::::: cpe:2.3:a:php:php:4.0.3:rc1:::::: cpe:2.3:a:php:php:4.0.3:rc2:::::: cpe:2.3:a:php:php:4.0.2:::::::* cpe:2.3:a:php:php:4.0.2:rc1:::::: cpe:2.3:a:php:php:4.0.1:patch2:::::: cpe:2.3:a:php:php:4.0.1:patch1:::::: cpe:2.3:a:php:php:4.0.1:-:::::: cpe:2.3:a:php:php:4.0.1:rc:::::: cpe:2.3:a:php:php:4.0.1:rc2:::::: cpe:2.3:a:php:php:4.0.0:::::::* cpe:2.3:a:php:php:4.0:beta1:::::: cpe:2.3:a:php:php:4.0:beta2:::::: cpe:2.3:a:php:php:4.0:beta3:::::: cpe:2.3:a:php:php:4.0:beta4:::::: cpe:2.3:a:php:php:4.0:beta_4_patch1:::::: cpe:2.3:a:php:php:4.0:rc1:::::: cpe:2.3:a:php:php:4.0:rc2:::::: cpe:2.3:a:php:php:4.0:-:::::: cpe:2.3:a:php:php:4:::::::* cpe:2.3:a:php:php:3.0.9:::::::* cpe:2.3:a:php:php:3.0.8:::::::* cpe:2.3:a:php:php:3.0.7:::::::* cpe:2.3:a:php:php:3.0.6:::::::* cpe:2.3:a:php:php:3.0.5:::::::* cpe:2.3:a:php:php:3.0.4:::::::* cpe:2.3:a:php:php:3.0.3:::::::* cpe:2.3:a:php:php:3.0.2:::::::* cpe:2.3:a:php:php:3.0.18:::::::* cpe:2.3:a:php:php:3.0.17:::::::* cpe:2.3:a:php:php:3.0.16:::::::* cpe:2.3:a:php:php:3.0.15:::::::* cpe:2.3:a:php:php:3.0.14:::::::* cpe:2.3:a:php:php:3.0.13:::::::* cpe:2.3:a:php:php:3.0.12:::::::* cpe:2.3:a:php:php:3.0.11:::::::* cpe:2.3:a:php:php:3.0.10:::::::* cpe:2.3:a:php:php:3.0.1:::::::* cpe:2.3:a:php:php:3.0:::::::* cpe:2.3:a:php:php:2.0b10:::::::* cpe:2.3:a:php:php:2.0.2:::::::* cpe:2.3:a:php:php:2.0.1:::::::* cpe:2.3:a:php:php:2.0.0:-:::::: cpe:2.3:a:php:php:2.0.0:alpha1:::::: cpe:2.3:a:php:php:2.0.0:alpha2:::::: cpe:2.3:a:php:php:2.0.0:beta1:::::: cpe:2.3:a:php:php:2.0.0:rc1:::::: cpe:2.3:a:php:php:2.0:::::::* cpe:2.3:a:php:php:1.5:::::::* cpe:2.3:a:php:php:1.4:::::::* cpe:2.3:a:php:php:1.3.5:::::::* cpe:2.3:a:php:php:1.3.1:::::::* cpe:2.3:a:php:php:1.3:-:::::: cpe:2.3:a:php:php:1.3:beta2:::::: cpe:2.3:a:php:php:1.3:beta3:::::: cpe:2.3:a:php:php:1.3:beta6:::::: cpe:2.3:a:php:php:1.2.5:::::::* cpe:2.3:a:php:php:1.2.4:::::::* cpe:2.3:a:php:php:1.2.3:::::::* cpe:2.3:a:php:php:1.2.2:::::::* cpe:2.3:a:php:php:1.2.1:::::::* cpe:2.3:a:php:php:1.2.0:::::::* cpe:2.3:a:php:php:1.2:::::::* cpe:2.3:a:php:php:1.1.1:::::::* cpe:2.3:a:php:php:1.1.0:::::::* cpe:2.3:a:php:php:1.1:::::::* cpe:2.3:a:php:php:1.0.4:::::::* cpe:2.3:a:php:php:1.0.3:::::::* cpe:2.3:a:php:php:1.0.2:::::::* cpe:2.3:a:php:php:1.0.1:::::::* cpe:2.3:a:php:php:1.0.0:-:::::: cpe:2.3:a:php:php:1.0.0:rc1:::::: cpe:2.3:a:php:php:1.0:beta1:::::: cpe:2.3:a:php:php:1.0:beta2:::::: cpe:2.3:a:php:php:1.0:beta3:::::: cpe:2.3:a:php:php:1.0:rc1:::::: cpe:2.3:a:php:php:1.0:rc2:::::: cpe:2.3:a:php:php:0.91:::::::* cpe:2.3:a:php:php:0.90:::::::* cpe:2.3:a:php:php:0.9.4:::::::* cpe:2.3:a:php:php:0.9.3:::::::* cpe:2.3:a:php:php:0.9.2:::::::* cpe:2.3:a:php:php:0.9.1:::::::* cpe:2.3:a:php:php:0.9.0:::::::* cpe:2.3:a:php:php:0.9:::::::* cpe:2.3:a:php:php:0.7:::::::* cpe:2.3:a:php:php:0.6:::::::* cpe:2.3:a:php:php:0.5.3:::::::* cpe:2.3:a:php:php:0.5.2:::::::* cpe:2.3:a:php:php:0.5:::::::* cpe:2.3:a:php:php:0.4:::::::* cpe:2.3:a:php:php:0.3:::::::* cpe:2.3:a:php:php:0.2.4:::::::* cpe:2.3:a:php:php:0.2.3:::::::* cpe:2.3:a:php:php:0.2.2:::::::* cpe:2.3:a:php:php:0.2.1:::::::* cpe:2.3:a:php:php:0.2.0:::::::* cpe:2.3:a:php:php:0.2:::::::* cpe:2.3:a:php:php:0.11:::::::* cpe:2.3:a:php:php:0.10:::::::* cpe:2.3:a:php:php:0.1.1:::::::* cpe:2.3:a:php:php:0.1:::::::* cpe:2.3:a:php:php:::::::: cpe:2.3:a:php:php:-:::::::*	553
Os	Debian Debian Linux cpe:2.3:o:debian:debian_linux:8.0:::::::* cpe:2.3:o:debian:debian_linux:7.0:::::::*	2

Nessus® Vulnerability Scanner

Date	Description
2016-08-29	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1638-1.nasl - Type : ACT_GATHER_INFO
2015-09-24	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17313.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-080.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-18.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140806_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-07	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-08-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-06	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-08-01	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-471.nasl - Type : ACT_GATHER_INFO
2014-07-31	Name : The remote openSUSE host is missing a security update. File : suse_13_1_openSUSE-2014--140721.nasl - Type : ACT_GATHER_INFO
2014-07-31	Name : The remote openSUSE host is missing a security update. File : suse_12_3_openSUSE-2014--140721.nasl - Type : ACT_GATHER_INFO
2014-07-30	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php53-140720.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2276-1.nasl - Type : ACT_GATHER_INFO
2014-07-10	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-130.nasl - Type : ACT_GATHER_INFO
2014-07-09	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2974.nasl - Type : ACT_GATHER_INFO
2014-06-27	Name : The remote web server is running a version of PHP that is affected by multipl... File : php_5_4_30.nasl - Type : ACT_GATHER_INFO
2014-06-27	Name : The remote web server is running a version of PHP that is affected by multipl... File : php_5_5_14.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
CONFIRM	http://www-01.ibm.com/support/docview.wss?uid=swg21683486 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.php.net/ChangeLog-5.php https://bugs.php.net/bug.php?id=67498
DEBIAN	http://www.debian.org/security/2014/dsa-2974
MISC	http://twitter.com/mikispag/statuses/485713462258302976 https://www.sektioneins.de/en/blog/14-07-04-phpinfo-infoleak.html
REDHAT	http://rhn.redhat.com/errata/RHSA-2014-1765.html http://rhn.redhat.com/errata/RHSA-2014-1766.html
SECUNIA	http://secunia.com/advisories/54553 http://secunia.com/advisories/59794 http://secunia.com/advisories/59831
SUSE	http://lists.opensuse.org/opensuse-updates/2014-07/msg00035.html http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-02-02 01:28:18	Multiple Updates
2024-02-01 12:08:22	Multiple Updates
2023-09-05 12:26:50	Multiple Updates
2023-09-05 01:08:15	Multiple Updates
2023-09-02 12:26:50	Multiple Updates
2023-09-02 01:08:23	Multiple Updates
2023-08-12 12:29:13	Multiple Updates
2023-08-12 01:07:52	Multiple Updates
2023-08-11 12:24:57	Multiple Updates
2023-08-11 01:08:05	Multiple Updates
2023-08-06 12:24:15	Multiple Updates
2023-08-06 01:07:51	Multiple Updates
2023-08-04 12:24:18	Multiple Updates
2023-08-04 01:07:55	Multiple Updates
2023-07-14 12:24:17	Multiple Updates
2023-07-14 01:07:54	Multiple Updates
2023-03-29 01:26:07	Multiple Updates
2023-03-28 12:08:15	Multiple Updates
2023-01-19 21:27:55	Multiple Updates
2022-10-11 12:21:55	Multiple Updates
2022-10-11 01:08:03	Multiple Updates
2021-05-04 12:32:44	Multiple Updates
2021-04-22 01:40:03	Multiple Updates
2020-05-23 01:52:39	Multiple Updates
2020-05-23 00:41:39	Multiple Updates
2019-06-08 12:06:17	Multiple Updates
2018-10-03 12:04:19	Multiple Updates
2018-03-12 12:01:11	Multiple Updates
2017-01-07 09:25:40	Multiple Updates
2016-10-26 09:22:43	Multiple Updates
2016-10-05 01:01:43	Multiple Updates
2016-08-30 13:21:27	Multiple Updates
2016-06-29 00:37:45	Multiple Updates
2016-04-27 01:02:48	Multiple Updates
2015-09-25 13:23:54	Multiple Updates
2015-03-31 13:28:40	Multiple Updates
2015-03-27 13:28:25	Multiple Updates
2014-11-19 09:24:12	Multiple Updates
2014-11-14 13:28:32	Multiple Updates
2014-08-08 13:24:47	Multiple Updates
2014-08-07 13:25:17	Multiple Updates
2014-08-02 13:24:24	Multiple Updates
2014-08-01 13:25:17	Multiple Updates
2014-07-31 13:25:26	Multiple Updates
2014-07-18 09:23:54	Multiple Updates
2014-07-11 13:25:11	Multiple Updates
2014-07-10 13:25:11	Multiple Updates
2014-07-09 13:25:40	Multiple Updates
2014-07-07 21:24:13	Multiple Updates
2014-07-07 05:23:22	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	6
CPE ID(s)	555
Sources(s)	14
Nessus® Exploit(s)	20

	Related
7.5	USN-2276-1
7.5	RHSA-2014:1766
7.5	RHSA-2014:1765
7.5	RHSA-2014:1013
7.5	RHSA-2014:1012
7.5	MDVSA-2015:080
7.5	MDVSA-2014:130
7.5	DSA-2974
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 8 more Alert(s)

2.6 - CVE-2014-4721

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU