Lucene search

CVE-2015-4025

🗓️ 09 Jun 2015 18:07:59Reported by mitreType

PHP versions before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates pathname, allowing remote attack to bypass extension restrictions

Reporter	Title	Published	Views	Family All 199
Prion	Code injection	9 Jun 201518:59	–	prion
Prion	Design/Logic Flaw	9 Jun 201518:59	–	prion
Prion	Information disclosure	30 Mar 201510:59	–	prion
Cvelist	CVE-2015-4025	9 Jun 201518:00	–	cvelist
Cvelist	CVE-2006-7243	18 Jan 201119:00	–	cvelist
Cvelist	CVE-2015-2348	30 Mar 201510:00	–	cvelist
Cvelist	CVE-2015-4026	9 Jun 201518:00	–	cvelist
NVD	CVE-2015-4025	9 Jun 201518:59	–	nvd
NVD	CVE-2006-7243	18 Jan 201120:00	–	nvd
NVD	CVE-2015-2348	30 Mar 201510:59	–	nvd

Nvd

Node

apple mac_os_xRange≤10.10.4

Node

php phpRange≤5.4.40

php phpMatch5.4.39

php phpMatch5.5.0

php phpMatch5.5.0alpha1

php phpMatch5.5.0alpha2

php phpMatch5.5.0alpha3

php phpMatch5.5.0alpha4

php phpMatch5.5.0alpha5

php phpMatch5.5.0alpha6

php phpMatch5.5.0beta1

php phpMatch5.5.0beta2

php phpMatch5.5.0beta3

php phpMatch5.5.0beta4

php phpMatch5.5.0rc1

php phpMatch5.5.0rc2

php phpMatch5.5.1

php phpMatch5.5.2

php phpMatch5.5.3

php phpMatch5.5.4

php phpMatch5.5.5

php phpMatch5.5.6

php phpMatch5.5.7

php phpMatch5.5.8

php phpMatch5.5.9

php phpMatch5.5.10

php phpMatch5.5.11

php phpMatch5.5.12

php phpMatch5.5.13

php phpMatch5.5.14

php phpMatch5.5.18

php phpMatch5.5.19

php phpMatch5.5.20

php phpMatch5.5.21

php phpMatch5.5.22

php phpMatch5.5.23

php phpMatch5.5.24

php phpMatch5.6.0alpha1

php phpMatch5.6.0alpha2

php phpMatch5.6.0alpha3

php phpMatch5.6.0alpha4

php phpMatch5.6.0alpha5

php phpMatch5.6.0beta1

php phpMatch5.6.0beta2

php phpMatch5.6.0beta3

php phpMatch5.6.0beta4

php phpMatch5.6.2

php phpMatch5.6.3

php phpMatch5.6.4

php phpMatch5.6.5

php phpMatch5.6.6

php phpMatch5.6.7

php phpMatch5.6.8

Node

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_hpc_nodeMatch7.0

redhat enterprise_linux_hpc_node_eusMatch7.1

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_eusMatch7.1

redhat enterprise_linux_workstationMatch7.0

Node

redhat enterprise_linuxMatch6.0

redhat enterprise_linuxMatch7.0

Source	Link
lists	www.lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html
debian	www.debian.org/security/2015/dsa-3280
rhn	www.rhn.redhat.com/errata/RHSA-2015-1186.html
securityfocus	www.securityfocus.com/bid/74904
rhn	www.rhn.redhat.com/errata/RHSA-2015-1187.html
lists	www.lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
rhn	www.rhn.redhat.com/errata/RHSA-2015-1135.html
support	www.support.apple.com/kb/HT205031
bugs	www.bugs.php.net/bug.php
securitytracker	www.securitytracker.com/id/1032431

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Jun 2015 18:59Current

8.1High risk

Vulners AI Score8.1

CVSS27.5

EPSS0.01991

CWE-19