This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability has been found and corrected in php :
The htmlspecialchars function in PHP before 5.2.12 does not properly
handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences,
and (3) invalid EUC-JP sequences, which allows remote attackers to
conduct cross-site scripting (XSS) attacks by placing a crafted byte
sequence before a special character (CVE-2009-4142).
The updated packages have been patched to correct this issue.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3