FreeBSD : php -- multiple vulnerabilities (27d01223-c457-11dd-a721-0030843d3802)
High Nessus Plugin ID 35051
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
An input validation error exists within the 'ZipArchive::extractTo()' function when extracting ZIP archives. This can be exploited to extract files to arbitrary locations outside the specified directory via directory traversal sequences in a specially crafted ZIP archive.
An error in the included PCRE library can be exploited to cause a buffer overflow.
The problem is that the 'BG(page_uid)' and 'BG(page_gid)' variables are not initialized. No further information is currently available.
The problem is that the 'php_value' order is incorrect for Apache configurations. No further information is currently available.
An error in the GD library can be exploited to cause a crash via a specially crafted font file.
SolutionUpdate the affected package.