Summary
This host is installed with PHP and is prone to a stack buffer overflow vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code or to cause a denial of service condition.
Impact Level: Application
Solution
Upgrade to version 5.3.7 or later.
For updates refer to http://php.net/downloads.php
Insight
The flaw is due to an error in the 'socket_connect()' function within the socket module. When an AF_UNIX socket is used, it calls memcpy to copy the path from addr to s_un without checking the length of addr.
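The missing length check described above, shown as a bounded copy into `sun_path`. This is an added C example, not PHP's source code; the helper name `build_unix_addr` and the sample paths are assumptions constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Unchecked pattern the Insight describes (shown only as a comment):
 *     memcpy(s_un.sun_path, addr, addr_len);
 * If addr_len exceeds sizeof(s_un.sun_path), the copy runs past the
 * stack-allocated sockaddr_un. */

/* Hypothetical helper: fill s_un from a caller-supplied path of addr_len
 * bytes. Returns the address length to pass to connect(), or -1 with
 * errno set when the path does not fit. */
long build_unix_addr(struct sockaddr_un *s_un, const char *addr, size_t addr_len)
{
    if (s_un == NULL || addr == NULL) {
        errno = EINVAL;
        return -1;
    }
    /* Keep one byte for the terminating NUL; reject anything longer
     * instead of truncating, so the caller never connects to a
     * different path than the one requested. */
    if (addr_len >= sizeof(s_un->sun_path)) {
        errno = ENAMETOOLONG;
        return -1;
    }
    memset(s_un, 0, sizeof(*s_un));   /* also NUL-terminates sun_path */
    s_un->sun_family = AF_UNIX;
    memcpy(s_un->sun_path, addr, addr_len);
    return (long)(offsetof(struct sockaddr_un, sun_path) + addr_len + 1);
}

int main(void)
{
    struct sockaddr_un s_un;
    char oversized[512];                      /* constructed sample input */
    memset(oversized, 'A', sizeof(oversized));

    printf("short path: %ld\n", build_unix_addr(&s_un, "/tmp/app.sock", 13));
    printf("oversized path: %ld\n",
           build_unix_addr(&s_un, oversized, sizeof(oversized)));
    return 0;
}
```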
Affected
PHP Version 5.3.5 and prior on Windows.
Severity
Classification
CVE: CVE-2011-1938
CVSS Base Score: 7.5
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P