FreeBSD : PHP5 -- Integer overflow in Calendar module (5def3175-f3f9-4476-ba40-b46627cc638c)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The PHP development team reports :

Integer overflow in the SdnToJewish function in jewish.c in the
Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows
context-dependent attackers to cause a denial of service (application
hang) via a large argument to the jdtojewish function.

See also :

https://bugs.php.net/bug.php?id=64895
http://www.nessus.org/u?0a620505

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 68918 ()

Bugtraq ID:

CVE ID: CVE-2013-4635

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now