This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for php5 fixes the following issues :
- CVE-2015-7803: Specially crafted .phar files with a
crafted TAR archive entry allowed remote attackers to
cause a Denial of Service (DoS) [bsc#949961]
- CVE-2015-7804: Specially crafted .phar files with a
crafted ZIP archive entry referencing a file '/' allowed
remote attackers to cause a Denial of Service (DoS) or
potentially leak unspecified memory content [bsc#949961]
- CVE-2016-1903: Specially crafted image files could
allowed remote attackers read unspecified memory when
rotating images [bsc#962057]
See also :
Update the affected php5 packages.
Risk factor :
Medium / CVSS Base Score : 6.8