Multiple vulnerabilities in PHP and extensions

Описание

Multiple serious vulnerabilities have been found in PHP and extensions. Malicious users can exploit these vulnerabilities to cause denial of service or inject code.

Below is a complete list of vulnerabilities

1. Multiple integer overflows can be exploited remotely via a specially designed year value;
2. Lack of tokens validation can be exploited remotely via a specially designed name;
3. Improper tmp drectory addres containing can be exploited locally via a file manipulations.

Первичный источник обнаружения

Связанные продукты

• PHP

Список CVE

• CVE-2015-2331
  critical
• CVE-2015-0231
  critical
• CVE-2015-2305
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com