SUSE: 2012:0411-1 Important: PHP5 Denial Of Service Issues

suse

March 24, 2012

An update that fixes 9 vulnerabilities is now available

Summary

This update of php5 fixes multiple security flaws: * CVE-2011-4153, missing checks of return values could allow remote attackers to cause a denial of service (NULL pointer dereference) * CVE-2011-4885, denial of service via hash collisions * CVE-2012-0057, specially crafted XSLT stylesheets could allow remote attackers to create arbitrary files with arbitrary content * CVE-2012-0781, remote attackers can cause a denial of service via specially crafted input to an application that attempts to perform Tidy::diagnose operations * CVE-2012-0788, applications that use a PDO driver were prone to denial of service flaws which could be exploited remotely * CVE-2012-0789, memory leak in the timezone functionality could allow remote attackers to cause a denial of service (memory consumption)

Topics Covered

security advisory denial of service update code execution important SUSE PHP5

References

#741520 #741859 #742273 #742806 #743308 #744966

#746661 #749111

Cross- CVE-2011-4153 CVE-2011-4885 CVE-2012-0057

CVE-2012-0781 CVE-2012-0788 CVE-2012-0789

CVE-2012-0807 CVE-2012-0830 CVE-2012-0831

Affected Products:

SUSE Linux Enterprise Server 10 SP4

SLE SDK 10 SP4

https://www.suse.com/security/cve/CVE-2011-4153.html

https://www.suse.com/security/cve/CVE-2011-4885.html

https://www.suse.com/security/cve/CVE-2012-0057.html

https://www.suse.com/security/cve/CVE-2012-0781.html

https://www.suse.com/security/cve/CVE-2012-0788.html

https://www.suse.com/security/cve/CVE-2012-0789.html

https://www.suse.com/security/cve/CVE-2012-0807.html

https://www.suse.com/security/cve/CVE-2012-0830.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2012:0411-1

Rating: important

Topics Covered

security advisory denial of service update code execution important SUSE PHP5

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2012:0411-1 Important: PHP5 Denial Of Service Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2012:0411-1 Important: PHP5 Denial Of Service Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!