Summary
This host is running PHP and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation could allow local attackers to crash the affected application, denying service to legitimate users.
Impact Level: Application/Network
Solution
upgrade to PHP 5.3.5 or later
For updates refer to http://www.php.net/downloads.php
Insight
The flaws are due to:
- An use-after-free error in the 'Zend' engine, which allows remote attackers to cause a denial of service.
- A stack-based buffer overflow in the 'GD' extension, which allows attackers to cause a denial of service.
Affected
PHPversion prior to 5.2.15 and 5.3.x before 5.3.4
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-4697, CVE-2010-4698 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities