Oval Definition:oval:org.mitre.oval:def:8084
Revision Date:2014-06-23Version:19
Title:DSA-1647 php5 -- several vulnerabilities
Description:Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: Buffer overflow in the imageloadfont function allows a denial of service or code execution through a crafted font file. Buffer overflow in the memnstr function allows a denial of service or code execution via a crafted delimiter parameter to the explode function. Denial of service is possible in the FastCGI module by a remote attacker by making a request with multiple dots before the extension.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2008-3658
CVE-2008-3659
CVE-2008-3660
DSA-1647
Platform(s):Debian GNU/Linux 4.0
Product(s):php5
Definition Synopsis
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • php-pear is earlier than 5.2.0-8+etch13
  • OR php5 is earlier than 5.2.0-8+etch13
  • OR libapache-mod-php5 is earlier than 5.2.0-8+etch13
  • OR php5-recode is earlier than 5.2.0-8+etch13
  • OR php5-xmlrpc is earlier than 5.2.0-8+etch13
  • OR php5-curl is earlier than 5.2.0-8+etch13
  • OR php5-snmp is earlier than 5.2.0-8+etch13
  • OR php5-mysql is earlier than 5.2.0-8+etch13
  • OR php5-odbc is earlier than 5.2.0-8+etch13
  • OR php5-xsl is earlier than 5.2.0-8+etch13
  • OR php5-gd is earlier than 5.2.0-8+etch13
  • OR libapache2-mod-php5 is earlier than 5.2.0-8+etch13
  • OR php5-mhash is earlier than 5.2.0-8+etch13
  • OR php5-tidy is earlier than 5.2.0-8+etch13
  • OR php5-mcrypt is earlier than 5.2.0-8+etch13
  • OR php5-dev is earlier than 5.2.0-8+etch13
  • OR php5-pgsql is earlier than 5.2.0-8+etch13
  • OR php5-cgi is earlier than 5.2.0-8+etch13
  • OR php5-imap is earlier than 5.2.0-8+etch13
  • OR php5-sqlite is earlier than 5.2.0-8+etch13
  • OR php5-ldap is earlier than 5.2.0-8+etch13
  • OR php5-cli is earlier than 5.2.0-8+etch13
  • OR php5-sybase is earlier than 5.2.0-8+etch13
  • OR php5-pspell is earlier than 5.2.0-8+etch13
  • OR php5-common is earlier than 5.2.0-8+etch13
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is i386
  • OR Installed architecture is amd64
  • AND php5-interbase is earlier than 5.2.0-8+etch13
  • BACK