Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: PHP 5.2.x

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
PHP Group
And, this specific program:
PHP 5.2.x

This thread has been marked as locked.
Vulpescunctator PHP 5.2.x
Member 29th Sep, 2010 17:45
Ranking: 0
Posts: 2
User Since: 7th Aug, 2010
System Score: N/A
Location: FR
Hello,
Secunia classifies the program hereabove as "vulnerable".
Going to the site PHP, I've found 2 versions of PHP 5.3, VC9 x86 or VC6 x86 and I don't know at all which one I should download in my particular case, being admitted that the program is only needed to manage the data exchange between the PC and the uninterruptible power supply.
Thank you for helping.

My config: Windows XP SP3

--
GianniDeLuca

This user no longer exists RE: PHP 5.2.x
Member 30th Sep, 2010 09:30
Hi,

The choice of which of the two versions to use rests with the user - Secunia only recommends a specific version of PHP, not an edition.
The VC6 and VC9 editions have different purposes, but either of these edition in version 5.2.14.0 should be secure.

However, here are some instructions from the PHP.net site that I hope will be helpful:
(unknown source)

Which version do I choose?

If you are using PHP with Apache 1 or Apache2 from apache.org you need to use the VC6 versions of PHP

If you are using PHP with IIS you should use the VC9 versions of PHP

VC6 Versions are compiled with the legacy Visual Studio 6 compiler

VC9 Versions are compiled with the Visual Studio 2008 compiler and have improvements in performance and stability. The VC9 versions require you to have the Microsoft 2008 C++ Runtime (x86) or the Microsoft 2008 C++ Runtime (x64) installed

Do NOT use VC9 version with apache.org binaries


If you are still unsure about which edition to choose, just post back , and I will see if I can help.

hope this helps.
Was this reply relevant?
+0
-0
Vulpescunctator RE: PHP 5.2.x
Member 30th Sep, 2010 11:16
Score: 0
Posts: 2
User Since: 7th Aug 2010
System Score: N/A
Location: FR
Hi,
Thank you for your answer.
I had already seen the comment on the Internet site of PHP and was no more secure about the answer.
In fact, the problem arouse in the way hereafter.
After desinstalling Php 4.... , classified "end of life" by Secunia and replacing it with the automated icon of Secunia, I've got the 5.2 version that Secunia qualifies now of "unsecure"...
Moreocer, I have got to day an icon flashing "Localhost:inaccessible"at the bottom right of my screen. Is it related to the first change?
May be it's time for me to stop playing with this suggested type of change ;-) and let PHP live its own life.




--
GianniDeLuca
Was this reply relevant?
+0
-0
This user no longer exists RE: PHP 5.2.x
Member 30th Sep, 2010 12:21
Hi,

You need to install version 5.2.14, or you will still be Insecure.
Which icon is flashing "Localhost:inaccessible"? Is this related to the PSI, or other Secunia products?

I suggest that you contact the vendor of your UPS system, and ask him/her which version is supported by this UPS/script.

hope this helps.
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability