Fedora Core 4 : php-5.0.4-10.5 (2005-1062)
High Nessus Plugin ID 20187
SynopsisThe remote Fedora Core host is missing a security update.
DescriptionThis update includes several security fixes :
- fixes for prevent malicious requests from overwriting the GLOBALS array (CVE-2005-3390)
- a fix to stop the parse_str() function from enabling the register_globals setting (CVE-2005-3389)
- fixes for Cross-Site Scripting flaws in the phpinfo() output (CVE-2005-3388)
- a fix for a denial of service (process crash) in EXIF image parsing (CVE-2005-3353)
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected packages.