Executive Summary
Summary | |
---|---|
Title | php7.0 security update |
Informations | |||
---|---|---|---|
Name | DSA-4628 | First vendor Publication | 2020-02-18 |
Vendor | Debian | Last vendor Modification | 2020-02-18 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | |||
---|---|---|---|
Overall CVSS Score | 9.1 | ||
Base Score | 9.1 | Environmental Score | 9.1 |
impact SubScore | 5.2 | Temporal Score | 9.1 |
Exploitabality Sub Score | 3.9 | ||
Attack Vector | Network | Attack Complexity | Low |
Privileges Required | None | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | None | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.4 | Attack Range | Network |
Cvss Impact Score | 4.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names. For the oldstable distribution (stretch), these problems have been fixed in version 7.0.33-0+deb9u7. We recommend that you upgrade your php7.0 packages. For the detailed security status of php7.0 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php7.0 |
Original Source
Url : http://www.debian.org/security/2020/dsa-4628 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
83 % | CWE-125 | Out-of-bounds Read |
17 % | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2020-07-30 | PHP php_strip_tags_ex function out-of-bounds read attempt RuleID : 54406 - Revision : 1 - Type : SERVER-WEBAPP |
2020-07-30 | PHP php_strip_tags_ex function out-of-bounds read attempt RuleID : 54405 - Revision : 1 - Type : SERVER-WEBAPP |
Alert History
Date | Informations |
---|---|
2020-05-23 13:03:43 |
|
2020-02-19 00:18:25 |
|