CERT mailing list archives

MS-ISAC Releases Advisory on PHP Vulnerabilities

From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Fri, 12 Oct 2018 18:48:04 -0500

U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:



MS-ISAC Releases Advisory on PHP Vulnerabilities [ 
https://www.us-cert.gov/ncas/current-activity/2018/10/12/MS-ISAC-Releases-Advisory-PHP-Vulnerabilities ] 10/12/2018 
06:37 PM EDT 
Original release date: October 12, 2018

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext 
Preprocessor (PHP) vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an 
affected system.

NCCIC encourages users and administrators to review MS-ISAC Advisory 2018-113 [ 
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2018-113/ 
] and the PHP Downloads [ http://us3.php.net/downloads.php ] page and apply the necessary updates.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

body { font-size: 1em; font-family: Arial, Verdana, sans-serif; font-weight: normal; font-style: normal; color: 
#333333; } ________________________________________________________________________

A copy of this publication is available at www.us-cert.gov [ https://www.us-cert.gov ]. If you need help or have 
questions, please send an email to info () us-cert gov. Do not reply to this message since this email was sent from a 
notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-CERT () 
ncas us-cert gov to your address book. 

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ]  

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]

Current thread:

MS-ISAC Releases Advisory on PHP Vulnerabilities US-CERT (Jan 09)
- <Possible follow-ups>
- MS-ISAC Releases Advisory on PHP Vulnerabilities US-CERT (Apr 27)
- MS-ISAC Releases Advisory on PHP Vulnerabilities US-CERT (Sep 14)
- MS-ISAC Releases Advisory on PHP Vulnerabilities US-CERT (Oct 12)