rPSA-2007-0043-1 php php-mysql php-pgsql

看板Bugtraq作者時間19年前 (2007/02/28 04:22), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串1/1
rPath Security Advisory: 2007-0043-1 Published: 2007-02-27 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Remote System User Deterministic Unauthorized Access Updated Versions: php=/conary.rpath.com@rpl:devel//1/4.3.11-15.9-1 php-mysql=/conary.rpath.com@rpl:devel//1/4.3.11-15.9-1 php-pgsql=/conary.rpath.com@rpl:devel//1/4.3.11-15.9-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988 https://issues.rpath.com/browse/RPL-1088 Description: Previous versions of the php package are vulnerable to multiple vulnerabilities of varying severity. The most severe of these vulnerabilities are expected to enable remote code execution as the "apache" user via php applications that call certain functions such as str_replace(), imap_mail_compose(), or odbc_result_all() functions.
更多 announce-no. 的文章
文章代碼(AID): #15v9CJ00 (Bugtraq)