ELSA-2007-0889 Moderate: Enterprise Linux php security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | May 08, 2007 | December 20, 2011 | July 04, 2017 |
Description
The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- APPLE-APPLE-SA-2008-03-18
- BID-23813
- BID-23818
- BID-24089
- BID-24261
- BID-24268
- CVE-2007-2509
- CVE-2007-2756
- CVE-2007-2872
- CVE-2007-3799
- CVE-2007-3996
- CVE-2007-3998
- CVE-2007-4658
- DEBIAN-DSA-1295
- DEBIAN-DSA-1296
- DEBIAN-DSA-1444
- DEBIAN-DSA-1578
- DEBIAN-DSA-1613
- OSVDB-35788
- OSVDB-36083
- OSVDB-36643
- OSVDB-36855
- OVAL-OVAL10363
- OVAL-OVAL10603
- OVAL-OVAL10779
- OVAL-OVAL10839
- OVAL-OVAL11147
- OVAL-OVAL9424
- OVAL-OVAL9792
- REDHAT-RHSA-2007:0348
- REDHAT-RHSA-2007:0349
- REDHAT-RHSA-2007:0355
- REDHAT-RHSA-2007:0888
- REDHAT-RHSA-2007:0889
- REDHAT-RHSA-2007:0890
- REDHAT-RHSA-2007:0891
- REDHAT-RHSA-2008:0146
- SUSE-SUSE-SA:2007:044
- SUSE-SUSE-SA:2008:004
- URL: http://oss.oracle.com/pipermail/el-errata/2007-September/000339.html
- XF-34413
- XF-34420
- XF-36377
- XF-36382
- XF-36383
- XF-39398
Solution
oracle-linux-upgrade-phpRelated Vulnerabilities
- ELSA-2008-0146 Moderate: Enterprise Linux gd security update
- CESA-2007:0890: php security update
- SUSE Linux Security Advisory: SUSE-SR:2007:013
- PHP Fixed an integer overflow inside chunk_split()
- CESA-2007:0889: php security update
- Gentoo Linux: CVE-2007-4658: PHP: Multiple vulnerabilities
- Gentoo Linux: CVE-2007-3998: PHP: Multiple vulnerabilities
- PHP Vulnerability: CVE-2007-2509
- ELSA-2007-0349 Important: Enterprise Linux php security update
- Amazon Linux AMI: Security patch for libwmf (ALAS-2015-604) (multiple CVEs)
- RHSA-2007:0355: php security update
- PHP Multiple Vulnerabilities Fixed in version 5.2.4
- PHP Multiple Vulnerabilities Fixed in version 5.2.2
- CESA-2007:0348: php security update
- SUSE Linux Security Vulnerability: CVE-2007-3998
- Gentoo Linux: CVE-2007-2509: PHP: Multiple vulnerabilities
- USN-557-1: GD library vulnerability
- ELSA-2009-0338 Moderate: Enterprise Linux php security update
- SUSE Linux Security Advisory: SUSE-SA:2008:004
- PHP Fixed an integer overflow inside chunk_split()
- ELSA-2007-0890 Moderate: Enterprise Linux php security update
- Gentoo Linux: CVE-2007-2756: PHP: Multiple vulnerabilities
- RHSA-2007:0889: php security update
- PHP Vulnerability: CVE-2007-2510
- OS X security update 2008-002 for PHP (CVE-2007-3799)
- Gentoo Linux: CVE-2007-2872: PHP: Multiple vulnerabilities
- PHP Vulnerability: CVE-2007-1864
- RHSA-2007:0917: php security update
- Gentoo Linux: CVE-2007-3996: PHP: Multiple vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2007-2872
- Gentoo Linux: CVE-2007-1864: PHP: Multiple vulnerabilities
- RHSA-2007:0888: php security update
- FreeBSD: php -- multiple vulnerabilities (Multiple CVEs)
- SUSE Linux Security Vulnerability: CVE-2007-4658
- PHP Fixed possible infinite loop in imagecreatefrompng
- CESA-2007:0888: php security update
- SUSE Linux Security Vulnerability: CVE-2007-3996
- USN-473-1: libgd2 vulnerabilities
- FreeBSD: libwmf -- multiple vulnerabilities (Multiple CVEs)
- SUSE Linux Security Vulnerability: CVE-2007-2756
- CESA-2007:0349: php security update
- PHP Vulnerability: CVE-2007-3996
- Gentoo Linux: CVE-2007-2510: PHP: Multiple vulnerabilities
- F5 Networks: K7859 (CVE-2007-2509): Multiple PHP vulnerabilities
- RHSA-2007:0890: php security update
- SUSE-SA:2008:004: php4, php5
- RHSA-2007:0348: php security update
- PHP Vulnerability: CVE-2007-4658
- PHP Vulnerability: CVE-2007-2872
- SUSE Linux Security Advisory: SUSE-SR:2007:015
- CESA-2008:0146: RHSA-2008:0146
- USN-462-1: PHP vulnerabilities
- SUSE Linux Security Advisory: SUSE-SA:2007:044
- RHSA-2008:0146: gd security update
- ELSA-2007-0348 Important: Enterprise Linux php security update
- F5 Networks: K13519 (CVE-2007-3799): Multiple PHP vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2007-1864
- SUSE Linux Security Vulnerability: CVE-2007-3799
- SUSE Linux Security Vulnerability: CVE-2007-2510
- RHSA-2007:0891: php security update
- USN-485-1: PHP vulnerabilities
- USN-549-1: PHP vulnerabilities
- USN-720-1: PHP vulnerabilities
- RHSA-2007:0349: php security update
- PHP Vulnerability: CVE-2007-3799
- PHP Vulnerability: CVE-2007-3998
- SUSE Linux Security Vulnerability: CVE-2007-2509