CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.4%
Package : php5
Version : 5.3.3.1-7+squeeze26
CVE ID : CVE-2014-9705 CVE-2015-0232 CVE-2015-2301 CVE-2015-2331
CVE-2015-2783 CVE-2015-2787 CVE-2015-3329 CVE-2015-3330
CVE-2014-9705
Heap-based buffer overflow in the enchant_broker_request_dict
function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x
before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers
to execute arbitrary code via vectors that trigger creation of
multiple dictionaries.
CVE-2015-0232
The exif_process_unicode function in ext/exif/exif.c in PHP
before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5
allows remote attackers to execute arbitrary code or cause a
denial of service (uninitialized pointer free and application
crash) via crafted EXIF data in a JPEG image.
CVE-2015-2301
Use-after-free vulnerability in the phar_rename_archive function
in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6
allows remote attackers to cause a denial of service or possibly
have unspecified other impact via vectors that trigger an attempted
renaming of a Phar archive to the name of an existing file.
CVE-2015-2331
Integer overflow in the _zip_cdir_new function in zip_dirent.c
in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP
before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and
other products, allows remote attackers to cause a denial of
service (application crash) or possibly execute arbitrary code
via a ZIP archive that contains many entries, leading to a
heap-based buffer overflow.
CVE-2015-2783
Buffer Over-read in unserialize when parsing Phar
CVE-2015-2787
Use-after-free vulnerability in the process_nested_data function
in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x
before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to
execute arbitrary code via a crafted unserialize call that
leverages use of the unset function within an __wakeup function,
a related issue to CVE-2015-0231.
CVE-2015-3329
Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
CVE-2015-3330
PHP potential remote code execution with apache 2.4 apache2handler
CVE-2015-temp-68819
denial of service when processing a crafted file with Fileinfo
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | sparc | libapache2-mod-php5 | < 5.4.39-0+deb7u1 | libapache2-mod-php5_5.4.39-0+deb7u1_sparc.deb |
Debian | 7 | kfreebsd-amd64 | php5-xmlrpc | < 5.4.39-0+deb7u1 | php5-xmlrpc_5.4.39-0+deb7u1_kfreebsd-amd64.deb |
Debian | 6 | i386 | php5-odbc | < 5.3.3.1-7+squeeze26 | php5-odbc_5.3.3.1-7+squeeze26_i386.deb |
Debian | 7 | armhf | php5-common | < 5.4.39-0+deb7u1 | php5-common_5.4.39-0+deb7u1_armhf.deb |
Debian | 7 | kfreebsd-amd64 | php5-xsl | < 5.4.39-0+deb7u1 | php5-xsl_5.4.39-0+deb7u1_kfreebsd-amd64.deb |
Debian | 7 | armel | php5-xmlrpc | < 5.4.39-0+deb7u1 | php5-xmlrpc_5.4.39-0+deb7u1_armel.deb |
Debian | 7 | s390 | php5-enchant | < 5.4.39-0+deb7u1 | php5-enchant_5.4.39-0+deb7u1_s390.deb |
Debian | 7 | powerpc | php5-cgi | < 5.4.39-0+deb7u1 | php5-cgi_5.4.39-0+deb7u1_powerpc.deb |
Debian | 7 | mipsel | php5-interbase | < 5.4.39-0+deb7u1 | php5-interbase_5.4.39-0+deb7u1_mipsel.deb |
Debian | 7 | amd64 | php5-pspell | < 5.4.39-0+deb7u1 | php5-pspell_5.4.39-0+deb7u1_amd64.deb |