Enquiry
SynapseIndia - Custom Software Development Company
Technologies
eCommerce Services
CMS Development
Website Development
Mobile App Development
Microsoft Solutions
Website Designing

Power of PHP Updates: PHP 5 Updates Fixing Security Vulnerabilities

calender 15 Apr 2015

“Highly popular PHP programming language is the first choice of modern developers. However, the security-related flaws have been a real pain. A good news is that the new released versions of PHP are effectively addressing the security related issues effectively. As per the current scenario, four vulnerabilities have already been addressed & correctly fixed in PHP 5.5 and 5.6, while in PHP 5.4, six vulnerabilities have been fixed.”

PHP has been a popular programming language as it encompasses a set of features that empower developers to make robust websites & web applications in quick time. A sort of boon for web developers, PHP has also undergone an array of updates and launch of new versions to ensure that the same level of programming ease is maintained and arising issues are fixed – needless to mention the importance of these updates for PHP website development. Reportedly, there have been some security-related flaws related with PHP programming; however, just to maintain PHP secured, newly released versions of PHP address the security issues effectively. Fixing these annoying security vulnerabilities was quite remarkable indeed for the PHP family of developers.

PHP website development

In total, four vulnerabilities have been addressed & fixed in PHP 5.5 and 5.6, while six vulnerabilities got fixed in PHP 5.4. CVE-2014-3669 is a high-severity security bug flaw in PHP's "unserialize()" function. Using the function on an unreliable data would lead to either information disclosure or crash. Only 32 bit systems are affected  by this issue.  Possibility of arbitrary code execution still remains ambiguous however. CVE identifier CVE-2014-3668 is another vulnerability fixed with the newer versions. CVE-2014-3669 and CVE-2014-3668 were some other vulnerabilities reported in September month by a Switzerland based researcher.

Another bug CVE-2014-3670 was reported by a software engineer. Due to this bug, parsing the thumbnail of a .jpg image (specially crafted) leads to head corruption. Its also possible now to extract embedded thumbnails from multiple image formats by employing APIs like exif_thumbnail. During the process of extraction of TIFF-formatted EXIF thumbnail from some JPEG image, PHP creates a standalone TIFF file - this is made possible as PHP re-encodes the thumbnail directory IFD tags and further prepends the tags to the thumbnail image. exif_ifd_make_value function makes re-encoding of individual values possible. Its highly recommended that users of PHP 5.4, 5.5 and 5.6 should update their installations.

Editor's Desk
"From the Editor's Desk" is not just about the content. Our content writers will be sharing their thoughts on industry trends, new technologies, and emerging topics that are relevant to our readers. We believe that it's important to stay up-to-date with the latest news and trends, and We excited to share my thoughts and insights with you.
Most Popular Post
What are the Top Reasons to Select India as your Software Outsourcing Destination

calender20 May 2014

What are the Top Reasons to Select India as your Software Outsourcing Destination

read more
Cloud Best Practices to Follow for Retail & Wholesale Organization

calender29 Oct 2022

Cloud Best Practices to Follow for Retail & Wholesale Organization

read more
A Status Check of the Software Development & Solutions Industry

calender03 Jun 2014

A Status Check of the Software Development & Solutions Industry

read more
A Legacy of Innovation: SynapseIndia Marks 24 Years of Excellence

calender20 Feb 2024

A Legacy of Innovation: SynapseIndia Marks 24 Years of Excellence

read more
5 Ways to Optimize Mobile Apps for Better Performance

calender18 May 2024

5 Ways to Optimize Mobile Apps for Better Performance

read more
Python: An Ultimate Comparison with Other Programming Languages

calender02 Jan 2024

Python: An Ultimate Comparison with Other Programming Languages

read more
We make things that Change things quickly

Connect to an expert

SynapseIndia Contact
USA :
+1-855-796-2773
UK:
+44 2079934232
India :
+91-120-4290800
SynapseIndia Locations
USA
14121 NE Airport Way, #358642,
Portland, Oregon 97230, USA
View On Google Maps
 
India
SDF B-6, NSEZ, Sector 81, Noida
201305, Uttar Pradesh, INDIA
View On Google Maps
Download Corporate Profile
SynapseIndia Corporate Profile
SynapseIndia Corporate Profile