oval:org.mitre.oval:def:26943

Definition Id: oval:org.mitre.oval:def:26943

Oval ID:	oval:org.mitre.oval:def:26943
Title:	DEPRECATED: ELSA-2013-0514 -- php security, bug fix and enhancement update (moderate)
Description:	It was found that PHP did not check for carriage returns in HTTP headers, allowing intended HTTP response splitting protections to be bypassed. Depending on the web browser the victim is using, a remote attacker could use this flaw to perform HTTP response splitting attacks. (CVE-2011-1398) An integer signedness issue, leading to a heap-based buffer underflow, was found in the PHP scandir() function. If a remote attacker could upload an excessively large number of files to a directory the scandir() function runs on, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2012-2688) It was found that PHP did not correctly handle the magic_quotes_gpc configuration directive. This could result in magic_quotes_gpc input escaping not being applied in all cases, possibly making it easier for a remote attacker to perform SQL injection attacks. (CVE-2012-0831)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0514 CVE-2012-2688 CVE-2011-1398 CVE-2012-0831	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	php
Definition Synopsis:
Oracle Linux 6.x Packages match section php is earlier than 0:5.3.3-22.el6 AND php-bcmath is earlier than 0:5.3.3-22.el6 AND php-cli is earlier than 0:5.3.3-22.el6 AND php-common is earlier than 0:5.3.3-22.el6 AND php-dba is earlier than 0:5.3.3-22.el6 AND php-devel is earlier than 0:5.3.3-22.el6 AND php-embedded is earlier than 0:5.3.3-22.el6 AND php-enchant is earlier than 0:5.3.3-22.el6 AND php-fpm is earlier than 0:5.3.3-22.el6 AND php-gd is earlier than 0:5.3.3-22.el6 AND php-imap is earlier than 0:5.3.3-22.el6 AND php-intl is earlier than 0:5.3.3-22.el6 AND php-ldap is earlier than 0:5.3.3-22.el6 AND php-mbstring is earlier than 0:5.3.3-22.el6 AND php-mysql is earlier than 0:5.3.3-22.el6 AND php-odbc is earlier than 0:5.3.3-22.el6 AND php-pdo is earlier than 0:5.3.3-22.el6 AND php-pgsql is earlier than 0:5.3.3-22.el6 AND php-process is earlier than 0:5.3.3-22.el6 AND php-pspell is earlier than 0:5.3.3-22.el6 AND php-recode is earlier than 0:5.3.3-22.el6 AND php-snmp is earlier than 0:5.3.3-22.el6 AND php-soap is earlier than 0:5.3.3-22.el6 AND php-tidy is earlier than 0:5.3.3-22.el6 AND php-xml is earlier than 0:5.3.3-22.el6 AND php-xmlrpc is earlier than 0:5.3.3-22.el6 AND php-zts is earlier than 0:5.3.3-22.el6

Definition Id: oval:org.mitre.oval:def:16594

Oval ID:	oval:org.mitre.oval:def:16594
Title:	Oracle Linux 6.x
Description:	The operating system installed on the system is Oracle Linux 6.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:6	Version:	5
Platform(s):	Oracle Linux 6	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 6.x is installed
Referenced By:
oval:org.mitre.oval:def:26943

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0349s

Facebook rss twitter linkedin mail