FreeBSD : php-zip -- multiple Denial of Service vulnerabilities (2a41233d-10e7-11e0-becc-0022156e8794)
Medium Nessus Plugin ID 51504
The remote FreeBSD host is missing one or more security-related updates.
The following DoS conditions in Zip extension were fixed in PHP 5.3.4 and PHP 5.2.15 : - Fixed crash in zip extract method (possible CWE-170). - The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.