Ubuntu Update For Php5 USN-1702-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that PHP incorrectly handled the openssl_encrypt function when used with an empty string. An attacker could use this flaw to cause PHP to disclose arbitrary memory contents and possibly expose sensitive information.

Affected

php5 on Ubuntu 12.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2013-January/001970.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-6113
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Ubuntu Update for cups USN-2172-1
Ubuntu Update for aptdaemon USN-1414-1
Ubuntu Update for apache2 vulnerabilities USN-499-1
Ubuntu Update for clamav vulnerability USN-1076-1
Ubuntu Update for cupsys vulnerability USN-606-1

Ubuntu Update for php5 USN-1702-1

Take action and discover your vulnerabilities