OVAL Reference oval:org.mitre.oval:def:10877

Oval Definition:

oval:org.mitre.oval:def:10877

Revision Date:	2013-04-29	Version:	11
Title:	Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
Description:	Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2004-1065
Platform(s):	CentOS Linux 3 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4	Product(s):
Definition Synopsis
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 OR CentOS Linux 3.x AND Configuration section php is earlier than 0:4.3.2-19.ent OR php-pgsql is earlier than 0:4.3.2-19.ent OR php-mysql is earlier than 0:4.3.2-19.ent OR php-ldap is earlier than 0:4.3.2-19.ent OR php-imap is earlier than 0:4.3.2-19.ent OR php-odbc is earlier than 0:4.3.2-19.ent OR php-devel is earlier than 0:4.3.2-19.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 OR CentOS Linux 4.x OR Oracle Linux 4.x AND Configuration section php-xmlrpc is earlier than 0:4.3.9-3.2 OR php-snmp is earlier than 0:4.3.9-3.2 OR php-domxml is earlier than 0:4.3.9-3.2 OR php-mysql is earlier than 0:4.3.9-3.2 OR php-imap is earlier than 0:4.3.9-3.2 OR php-gd is earlier than 0:4.3.9-3.2 OR php is earlier than 0:4.3.9-3.2 OR php-mbstring is earlier than 0:4.3.9-3.2 OR php-pgsql is earlier than 0:4.3.9-3.2 OR php-pear is earlier than 0:4.3.9-3.2 OR php-ldap is earlier than 0:4.3.9-3.2 OR php-odbc is earlier than 0:4.3.9-3.2 OR php-ncurses is earlier than 0:4.3.9-3.2 OR php-devel is earlier than 0:4.3.9-3.2

BACK