7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.955 High
EPSS
Percentile
99.3%
03/30/2015
Critical
Multiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to inject or execute arbitrary code, bypass security restrictions or cause denial of service.
PHP versions earlier than 5.4.39
PHP 5.5 versions earlier than 5.5.23
PHP 5.6 versions earlier than 5.6.7
Update to the latest version
Get PHP
ACE
CVE-2015-27877.5Critical
CVE-2015-23485.0Critical
CVE-2015-23317.5Critical
CVE-2015-23017.5Critical
CVE-2015-13517.5Critical
CVE-2015-02737.5Critical
CVE-2014-97095.0Critical
CVE-2014-97057.5Critical
CVE-2014-96537.5Critical
CVE-2014-96525.0Critical
php.net/ChangeLog-5.php
php.net/downloads.php
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9705
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2348
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2787
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/PHP/