Oval Definition:oval:org.mitre.oval:def:22394
Revision Date:2014-05-26Version:36
Title:ELSA-2008:0544: php security update (Moderate)
Description:The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-4782
CVE-2007-5898
CVE-2007-5899
CVE-2008-2051
CVE-2008-2107
CVE-2008-2108
ELSA-2008:0544-01
Platform(s):Oracle Linux 5
Product(s):php
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • php-gd is earlier than 0:5.1.6-20.el5_2.1
  • OR php-soap is earlier than 0:5.1.6-20.el5_2.1
  • OR php-common is earlier than 0:5.1.6-20.el5_2.1
  • OR php-odbc is earlier than 0:5.1.6-20.el5_2.1
  • OR php-mysql is earlier than 0:5.1.6-20.el5_2.1
  • OR php is earlier than 0:5.1.6-20.el5_2.1
  • OR php-xmlrpc is earlier than 0:5.1.6-20.el5_2.1
  • OR php-cli is earlier than 0:5.1.6-20.el5_2.1
  • OR php-mbstring is earlier than 0:5.1.6-20.el5_2.1
  • OR php-pgsql is earlier than 0:5.1.6-20.el5_2.1
  • OR php-xml is earlier than 0:5.1.6-20.el5_2.1
  • OR php-dba is earlier than 0:5.1.6-20.el5_2.1
  • OR php-devel is earlier than 0:5.1.6-20.el5_2.1
  • OR php-ncurses is earlier than 0:5.1.6-20.el5_2.1
  • OR php-snmp is earlier than 0:5.1.6-20.el5_2.1
  • OR php-imap is earlier than 0:5.1.6-20.el5_2.1
  • OR php-bcmath is earlier than 0:5.1.6-20.el5_2.1
  • OR php-pdo is earlier than 0:5.1.6-20.el5_2.1
  • OR php-ldap is earlier than 0:5.1.6-20.el5_2.1
    • BACK