PHP 4.x < 4.4.7 / 5.x < 5.2.2 Multiple Vulnerabilities

Severity: High | Nessus Network Monitor Plugin ID 3982

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running a version of PHP earlier than 4.4.7 or 5.2.2. These versions are affected by a number of remotely exploitable issues, at least one of which involves a buffer overflow. An attacker exploiting these flaws would be able to impact confidentiality, integrity, and availability.

Solution

Upgrade to PHP version 4.4.7, 5.2.2, or higher.

See Also

http://www.php.net/releases/4_4_7.php

http://www.php.net/releases/5_2_2.php

http://www.php.net

Plugin Details

Severity: High

ID: 3982

Family: Web Servers

Published: 5/4/2007

Updated: 3/6/2019

Nessus ID: 25159

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:php:php

Patch Publication Date: 5/3/2007

Vulnerability Publication Date: 5/3/2007

Reference Information

CVE: CVE-2007-0455, CVE-2007-0911, CVE-2007-1001, CVE-2007-1285, CVE-2007-1375, CVE-2007-1396, CVE-2007-1399, CVE-2007-1412, CVE-2007-1413, CVE-2007-1460, CVE-2007-1461, CVE-2007-1484, CVE-2007-1521, CVE-2007-1522, CVE-2007-1581, CVE-2007-1582, CVE-2007-1583, CVE-2007-1649, CVE-2007-1709, CVE-2007-1710, CVE-2007-1717, CVE-2007-1718, CVE-2007-1864, CVE-2007-1883, CVE-2007-2509, CVE-2007-2510, CVE-2007-2511, CVE-2007-2727, CVE-2007-2748, CVE-2007-3998, CVE-2007-4670

BID: 22764, 23016, 23145, 23357, 22289, 22990, 23813, 23818, 23984, 24012, 24034, 22886, 22851, 22893, 22897, 22968, 22971, 23062, 23146