«
»

Serious PHP flaw



PHP which is a widely used scripting language for webpages has been found to have a serious vulnerability. The Inquirer is reporting on the announcement at hardened-php.net that the vulnerabilities are in the XML-RPC for PHP and PEAR XML-RPC libraries. This is apparently an eval() vulnerability similar to one earlier in the year.



The hardened-php project has developed a fix that removes the use of eval() from both libraries. The fix was developed with the maintainers of both libraries.

Popularity: 1% [?]

PDF    Send article as PDF   
Blog Traffic Exchange Related Posts
  • Firefox code under the microscope So, the stories are out of the analysis of the code for Mozilla Firefox. It seems there were a large number of potential flaws found (71 potential security vulnerabilities) according to the article. This was done using an automated tool and many say, that in order to evaluate the true......
  • Busy Evening I've got all traces of the old cms system off of the server now. (Well there might be a README here or there, but all php scripts from the old CMS are now gone.) At this point I can disclose a bit about the sudden move. Well, for starters, any......
  • January Patch Tuesday Microsoft has issued two advisories related to patches coming out today. Both are remote code execution vulnerabilities, the first affects Outlook and Exchange server, the second is related to embedded Web fonts. The links above don't yet seem active, but should go to the technet Security bulletins once Microsoft finishes......
Blog Traffic Exchange Related Websites
  • Repairing Cracks in Walls If you have an older home that has some structural damage, or if you are starting to notice tiny cracks in the walls, the time to fix these is now, before they get any worse. If the crack is serious, you may need to get the help of a professional,......
  • Microsoft's Internet Explorer is Vulnerable to Attacks Hi Guyz, Just got the news. Microsoft Internet Explorer users, beware. There's a security flaw in all versions of the browser that leaves you wide open for attack. At least two million computers have already been infected. The exploit doesn't require users to click on links or download software from......
  • Security Innovation Introduces Software Security Summer Series WILMINGTON, Mass. – July 12, 2011 -- Security Innovation today introduced its inaugural Software Security Summer Series, where the company will offer six free eLearning courses from its industry-leading curriculum over the next six weeks. The courses are part of TeamProfessorTM, the company’s computer-based training library with an emphasis on......

Similar Posts


This entry was posted on Friday, August 26th, 2005 at 1:12 pm and is filed under Computers, Security. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.

Switch to our mobile site