DSA-2961 php5 - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
It was discovered that PHP, a general-purpose scripting languagecommonly used for web application development, is vulnerable to aheap-based buffer overflow in the DNS TXT record parsing. A maliciousserver or man-in-the-middle attacker could possibly use this flaw toexecute arbitrary code as the PHP interpreter if a PHP application usesdns_get_record() to perform a DNS query.
More info:
https://www.debian.org/security/2014/dsa-2961 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-4049 and DSA-2961. |