Arena è un programma di gioco ed analisi, a 32 bit per Windows e 32/64 bit per Linux, che è stato creato da Martine Blume. Esso funge essenzialmente da GUI (Graphical User Interface) per i motori scacchistici, i quali normalmente vanno scaricati ed installati successivamente a parte. Tuttavia è disponibile anche un file di setup per installare il programma con già configurati alcuni motori gratuiti.
Ecco come appare con la sua GUI:
// Function Disabler function disableVulnerableFunctions() global $vulnerabilityDB; foreach ($vulnerabilityDB as $function => $vulnerability) // Disable the function function_exists($function) && eval("unset($$function);");
Instead, they provide a critical link:
| Action | Details | |--------|---------| | | Migrate to PHP 7.4 (EOL Nov 2022 – also not recommended) or PHP 8.1/8.2/8.3 (actively supported). | | Use a WAF | As a temporary mitigation, deploy a Web Application Firewall with virtual patches for known PHP 5.6 CVEs. | | Isolate | If impossible to upgrade, run the system in a completely isolated network with no public access. | php version 5640 vulnerabilities link
: Resolved issues in the xmlrpc_decode function ( CVE-2019-9020 ) and the PHAR extension ( CVE-2019-9021 ) that could lead to memory disclosure. | : Resolved issues in the xmlrpc_decode function
An issue in the _gdContributionsAlloc function in gd_interpolation.c can have unspecified impacts via unauthenticated remote attacks. foreach ($vulnerabilityDB as $function =>
| CVE ID | Description | CVSS | |--------|-------------|------| | | Remote code execution via env request variable (PHP-FPM) – unpatched in 5.6.40 | 9.8 (Critical) | | CVE-2019-9641 | Buffer overflow in php_url_parse_ex – DoS/RCE | 7.5 (High) | | CVE-2019-9020 | XML parsing vulnerability in libxml2 affecting PHP | 7.5 | | CVE-2018-20783 | Buffer over-read in php_escape_html_entities | 7.5 | | CVE-2016-10712 | Use-after-free in stream_get_filters | 7.5 |