PHP 5.5.x < 5.5.1 xml.c Buffer Overflow
High Nessus Plugin ID 69348
SynopsisThe remote web server uses a version of PHP that is potentially affected by a buffer overflow vulnerability.
DescriptionAccording to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.1. It is, therefore, potentially affected by a buffer overflow error that exists in the file 'ext/xml/xml.c'.
Note that this plugin does not attempt to exploit this vulnerability, but instead relies only on PHP's self-reported version number.
SolutionApply the vendor patch or upgrade to PHP version 5.5.1 or later.