GLSA-200703-21 : PHP: Multiple vulnerabilities

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-200703-21
(PHP: Multiple vulnerabilities)

Several vulnerabilities were found in PHP by the Hardened-PHP Project
and other researchers. These vulnerabilities include a heap-based
buffer overflow in htmlentities() and htmlspecialchars() if called with
UTF-8 parameters, and an off-by-one error in str_ireplace(). Other
vulnerabilities were also found in the PHP4 branch, including possible
overflows, stack corruptions and a format string vulnerability in the
*print() functions on 64 bit systems.

Impact :

Remote attackers might be able to exploit these issues in PHP
applications making use of the affected functions, potentially
resulting in the execution of arbitrary code, Denial of Service,
execution of scripted contents in the context of the affected site,
security bypass or information leak.

Workaround :

There is no known workaround at this time.

See also :

http://www.php.net/releases/4_4_5.php
http://www.php.net/releases/5_2_1.php
http://www.gentoo.org/security/en/glsa/glsa-200703-21.xml

Solution :

All PHP users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose 'dev-lang/php'

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true