SECUNIA ADVISORY ID: SA31409
VERIFY ADVISORY: http://secunia.com/advisories/31409/
CRITICAL: Moderately critical
IMPACT: Unknown, Exposure of sensitive information, DoS, System access
SOFTWARE: PHP 4.4.x - http://secunia.com/product/5768/
DESCRIPTION: Some vulnerabilities have been reported in PHP. Some have an unknown impact; others can potentially be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
1) Some vulnerabilities in PCRE can potentially be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or compromise an application using the library. For more information, see SA27543 and SA28923.
2) An unspecified error in "imageloadfont" can cause a crash via an invalid font.
3) An unspecified error related to the "open_basedir" handling exists in the "curl" extension.
SOLUTION: Update to version 4.4.9 or higher.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: PHP: http://www.php.net/ChangeLog-4.php#4.4.9
OTHER REFERENCES:
SA27543: http://secunia.com/advisories/27543/
SA28923: http://secunia.com/advisories/28923/