Summary
This host is installed with PHP and is prone to multiple information disclosure vulnerabilities.
Impact
Successful exploitation will allow remote attackers to obtain sensitive information.
Impact Level: Application
Solution
Upgrade to PHP 5.3.22 or 5.4.12 or later,
http://www.php.net/downloads.php
Insight
Flaws are due to the way SOAP parser process certain SOAP objects (due to allowed expansion of XML external entities during SOAP WSDL files parsing).
Affected
PHP version before 5.3.22 and 5.4.x before 5.4.12
Detection
Get the installed version of PHP with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-1824 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Archiva Cross Site Request Forgery Vulnerability
- Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
- Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities