Summary
PHP versoin < 5.3.9 suffers multiple vulnerabilities such as DOS bysendign crafted requests including hash collision parameter values. Several errors exist in some certain functions as well.
Solution
Upgrate PHP to 5.3.9 or versions after.
Severity
Classification
-
CVE CVE-2011-4566, CVE-2011-4885, CVE-2012-0057, CVE-2012-0781, CVE-2012-0788, CVE-2012-0789 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:P/I:N/A:P
Related Vulnerabilities
- Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- @Mail 'admin.php' Cross-Site Scripting Vulnerabilities
- Andromeda Streaming MP3 Server Cross Site Scripting Vulnerability