Test ID:	1.3.6.1.4.1.25623.1.0.108508
Category:	Web application abuses
Title:	PHP Multiple Vulnerabilities (Dec 2018) - Windows
Summary:	PHP is prone to multiple security vulnerabilities.
Description:	Summary: PHP is prone to multiple security vulnerabilities. Vulnerability Insight: The flaws exist due to: - the imap_open functions which allows to run arbitrary shell commands via mailbox parameter. - a Heap Buffer Overflow (READ: 4) in phar_parse_pharfile. - ext/standard/var_unserializer.c allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class. - because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM('WScript.Shell'). Vulnerability Impact: Successful exploitation will allow remote attackers to execute remote code on the affected application/system and/or cause a cause a denial of service. Affected Software/OS: PHP versions 5.x before 5.6.39, 7.0.x before 7.0.33, 7.1.x before 7.1.25 and 7.2.x before 7.2.13. Solution: Update to version 5.6.39, 7.0.33, 7.1.25, 7.2.13, 7.3.0 or later. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-19518 BugTraq ID: 106018 http://www.securityfocus.com/bid/106018 Debian Security Information: DSA-4353 (Google Search) https://www.debian.org/security/2018/dsa-4353 https://www.exploit-db.com/exploits/45914/ https://security.gentoo.org/glsa/202003-57 https://antichat.com/threads/463395/#post-4254681 https://bugs.debian.org/913775 https://bugs.debian.org/913835 https://bugs.debian.org/913836 https://bugs.php.net/bug.php?id=76428 https://bugs.php.net/bug.php?id=77153 https://bugs.php.net/bug.php?id=77160 https://github.com/Bo0oM/PHP_imap_open_exploit/blob/master/exploit.php https://www.openwall.com/lists/oss-security/2018/11/22/3 https://lists.debian.org/debian-lts-announce/2018/12/msg00006.html https://lists.debian.org/debian-lts-announce/2019/03/msg00001.html https://lists.debian.org/debian-lts-announce/2021/12/msg00031.html http://www.securitytracker.com/id/1042157 https://usn.ubuntu.com/4160-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-20783 http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php https://bugs.php.net/bug.php?id=77143 RedHat Security Advisories: RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:2519 RedHat Security Advisories: RHSA-2019:3299 https://access.redhat.com/errata/RHSA-2019:3299 SuSE Security Announcement: openSUSE-SU-2019:1256 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html SuSE Security Announcement: openSUSE-SU-2019:1293 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html SuSE Security Announcement: openSUSE-SU-2019:1572 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html SuSE Security Announcement: openSUSE-SU-2019:1573 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html https://usn.ubuntu.com/3566-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-19395 BugTraq ID: 105989 http://www.securityfocus.com/bid/105989 https://bugs.php.net/bug.php?id=77177 Common Vulnerability Exposure (CVE) ID: CVE-2018-19396
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.