New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 6.7
SynopsisThe remote openSUSE host is missing a security update.
DescriptionPHP was updated to fix two security issues.
The following vulnerabilities were fixed :
- CVE-2015-5589: PHP could be crashed when processing an invalid file with the 'phar' extension with a segfault in Phar::convertToData, leading to Denial of Service (DOS) (boo#938721)
- CVE-2015-5590: PHP could be crashed or have unspecified other impact due to a buffer overlow in phar_fix_filepath (boo#938719)
SolutionUpdate the affected php5 packages.