Summary
This host is installed with PHP and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow remote attackers to conduct denial of service attacks.
Impact Level: Application
Solution
Upgrade to PHP version 5.4.32 or 5.5.16 or 5.6.0 or later. For updates refer to http://php.net
Insight
The flaw is due to a NULL pointer dereference error in 'gdImageCreateFromXpm' function within LibGD.
Affected
PHP version 5.x through 5.4.26 and probably other versions.
Detection
Get the installed version of PHP with the help of detect NVT and check the version is vulnerable or not.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-2497 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache Tomcat source.jsp malformed request information disclosure
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Andromeda Streaming MP3 Server Cross Site Scripting Vulnerability
- Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities
- Apache Struts Directory Traversal Vulnerability