RedHat Update For Php53 RHSA-2012:0092-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the fix for CVE-2011-4885 (released via RHSA-2012:0019 for php53 packages in Red Hat Enterprise Linux 5) introduced an uninitialized memory use flaw. A remote attacker could send a specially- crafted HTTP request to cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2012-0830) All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

Affected

php53 on Red Hat Enterprise Linux (v. 5 server)

References

https://www.redhat.com/archives/rhsa-announce/2012-February/msg00012.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4885, CVE-2012-0830
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:0354
RedHat Security Advisory RHSA-2009:0392
RedHat Security Advisory RHSA-2009:1134
RedHat Security Advisory RHSA-2009:0478
RedHat Security Advisory RHSA-2008:0002

RedHat Update for php53 RHSA-2012:0092-01

Take action and discover your vulnerabilities