| VID |
22559 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
According to its banner, the version of PHP installed on the remote host is 5.4.x earlier than 5.4.5, and is, therefore, potentially affected by an unspecified overflow vulnerability in the function '_php_stream_scandir' in the file 'main/streams/streams.c'.
* Note: This check solely relied on the version number of the remote WebLogic server to assess this vulnerability, so this might be a false positive.
* References:
http://www.php.net/ChangeLog-5.php#5.4.5
* Platforms Affected:
PHP Prior to 5.4.5
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of PHP (5.4.5 or later), available from the Mozilla Web site at http://www.php.net/downloads.php |
| Related URL |
CVE-2012-2688 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
