PHP 7.0.x < 7.0.31 Use After Free Arbitrary Code Execution in EXIF

critical Nessus Plugin ID 111215

Version 1.12

Nov 22, 2024, 4:32 PM

  • Plugin metadata (remove script_exclude_keys for CGI scanning)

Plugin Feed: 202411221632

Version 1.11

Oct 4, 2024, 11:19 AM

  • IAVM reference

Plugin Feed: 202410041119

Version 1.10

Sep 3, 2024, 7:13 AM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202409030713

Version 1.9

Aug 29, 2024, 4:23 PM

  • IAVM reference
  • STIG Severity (set to "I")

Plugin Feed: 202408291623

Version 1.8

May 28, 2024, 5:14 PM

  • Required Scan configuration ("Enable cgi scanning" set to "True")

Plugin Feed: 202405281714

* Changelogs are generally available for changes made after Nov 1, 2022