The remote FreeBSD host is missing a security-related update.
The Zend Framework team reports : Potential XSS or HTML Injection vector in Zend_Json. Potential XSS vector in Zend_Service_ReCaptcha_MailHide. Potential MIME-type Injection in Zend_File_Transfer Executive Summary. Potential XSS vector in Zend_Filter_StripTags when comments allowed. Potential XSS vector in Zend_Dojo_View_Helper_Editor. Potential XSS vectors due to inconsistent encodings. XSS vector in Zend_Filter_StripTags. LFI vector in Zend_View::setScriptPath() and render().