openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)
Medium Nessus Plugin ID 75430
SynopsisThe remote openSUSE host is missing a security update.
DescriptionInsufficient handling of certain character sequences in the utf8_decode() function could be leveraged to conduct cross-site-scripting (XSS) attacks (CVE-2010-3870). php5 could also consume large amounts of memory and crash if a long mail address was passed to filter_var() with parmeter FILTER_VALIDATE_EMAIL (CVE-2010-3710).
SolutionUpdate the affected apache2-mod_php5 packages.