This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Multiple vulnerabilities has been discovered and corrected in php :
Integer overflow in the exif_process_IFD_TAG function in exif.c in the
exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote
attackers to read the contents of arbitrary memory locations or cause
a denial of service via a crafted offset_val value in an EXIF header
in a JPEG file, a different vulnerability than CVE-2011-0708
PHP before 5.3.9 computes hash values for form parameters without
restricting the ability to trigger hash collisions predictably, which
allows remote attackers to cause a denial of service (CPU consumption)
by sending many crafted parameters (CVE-2011-4885).
The updated packages have been patched to correct this issue.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.4
CVSS Temporal Score : 5.0
Public Exploit Available : true