CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
98.0%
Updated php packages fix security vulnerabilities: Buffer Over-read in unserialize when parsing Phar (CVE-2015-2783). Buffer Overflow when parsing tar/zip/phar in phar_set_inode (CVE-2015-3329). Potential remote code execution with apache 2.4 apache2handler (CVE-2015-3330). PHP has been updated to version 5.5.24, which fixes these issues and other bugs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | php | < 5.5.24-1 | php-5.5.24-1.mga4 |
Mageia | 4 | noarch | php-apc | < 3.1.15-4.14 | php-apc-3.1.15-4.14.mga4 |
Mageia | 4 | noarch | php-timezonedb | < 2015.3-1 | php-timezonedb-2015.3-1.mga4 |