The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities today (refer below url):
Perhaps PHP program version will make you frustrated. Why? The vulnerabilities addressed by MS-ISAC only for Version 7.2.11 & Version 7.1.23. However there is another fix coming soon (see below):
Fixed bug #76946 (Cyclic reference in generator not detected)
Fixed bug #75851 (Year component overflow with date formats “c”, “o”, “r” and “y”). (Adam Saponara)
Fixed bug #76948 (Failed shutdown/reboot or end session in Windows).
Fixed bug #76954 (apache_response_headers removes last character from header
. Fixed bug #76972 (Data truncation due to forceful ssl socket shutdown).
. Fixed bug #76942 (U_ARGUMENT_TYPE_MISMATCH). (anthrax at unixuser dot org)
. Fixed bug #76965 (INI_SCANNER_RAW doesn’t strip trailing whitespace).
. Fixed bug #30875 (xml_parse_into_struct() does not resolve entities).
Should you have interested, please review above diagram. PHP look likes a game.