PHP < 5.2.14 / 5.3.x < 5.3.3 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 5616
SynopsisThe remote web server uses a version of PHP that is affected by multiple vulnerabilities.
DescriptionVersions of PHP prior to 5.2.14, or 5.3.x prior to 5.3.3 are affected by the following vulnerabilities :
- An information disclosure vulnerability in 'var_export()' when a fatal error occurs.
- A resource destruction issue in 'shm_put_var()'.
- A possible information leak because of an interruption of XOR operator.
- A memory corruption issue caused by an unexpected call-time pass by reference and the following memory clobbering through callbacks.
- A memory corruption issue in 'ArrayObject::uasort()'.
- A memory corruption issue in 'parse_str()'.
- A memory corruption issue in 'pack()'.
- A memory corruption issue in 'substr_replace()'.
- A memory corruption issue in 'addcslashes()'.
- A stack exhaustion issue in 'fnmatch()'.
- A buffer overflow vulnerability in the dechunking filter.
- An arbitrary memory access issue in the sqlite extension.
- A string format validation issue in the phar extension.
- An unspecified issue relating to the handling of session variable serialization on certain prefix characters.
- A NULL pointer dereference issue when processing invalid XML-RPC requests.
- An unserialization issue in 'SplObjectStorage'.
- Buffer overflow vulnerabilities in 'mysqlnd_list_fields' and 'mysqlnd_change_user'.
- Buffer overflows when handling error packets in mysqlnd.
- A flaw affects 'sqlite_single_query()' and 'sqlite_array_query()' methods included in the 'ext/sqlite/sqlite.c' source file. Specifically, the 'rres' resource is not properly initialized before use which may trigger a double-free condition when an empty query is passed to the 'real_result_dtor()' function.
SolutionUpgrade to PHP version 5.2.14, 5.3.3, or later.