Summary
This host is installed with PHP and is prone to multiple use-after-free vulnerabilities.
Impact
Successful exploitation will allow remote attackers to conduct denial of service attacks or possibly have some other unspecified impact.
Impact Level: Application
Solution
Apply Patches from below links,
http://git.php.net/?p=php-src.git
a=patch
h=22882a9d89712ff2b6ebc20a689a89452bba4dcd
http://git.php.net/?p=php-src.git
a=patch
h=df78c48354f376cf419d7a97f88ca07d572f00fb
*****
NOTE: Ignore this warning if above mentioned patch is installed.
*****
Insight
The flaws are due to an use-after-free error related to SPL iterators and ArrayIterators.
Affected
PHP version 5.x through 5.5.14
Detection
Get the installed version of PHP with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-4670, CVE-2014-4698 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities