Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2015-4600
HistoryMay 16, 2016 - 10:59 a.m.

CVE-2015-4600

2016-05-1610:59:07
[email protected]
web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.066 Low

EPSS

Percentile

93.8%

JSON

The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to “type confusion” issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.

Affected configurations

NVD
Node
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_hpc_nodeMatch7.0
OR
redhatenterprise_linux_hpc_node_eusMatch7.1
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_server_eusMatch7.1
OR
redhatenterprise_linux_workstationMatch7.0
Node
phpphpRange5.4.39
OR
phpphpMatch5.5.0
OR
phpphpMatch5.5.1
OR
phpphpMatch5.5.2
OR
phpphpMatch5.5.3
OR
phpphpMatch5.5.4
OR
phpphpMatch5.5.5
OR
phpphpMatch5.5.6
OR
phpphpMatch5.5.7
OR
phpphpMatch5.5.8
OR
phpphpMatch5.5.9
OR
phpphpMatch5.5.10
OR
phpphpMatch5.5.11
OR
phpphpMatch5.5.12
OR
phpphpMatch5.5.13
OR
phpphpMatch5.5.14
OR
phpphpMatch5.5.15
OR
phpphpMatch5.5.16
OR
phpphpMatch5.5.17
OR
phpphpMatch5.5.18
OR
phpphpMatch5.5.19
OR
phpphpMatch5.5.20
OR
phpphpMatch5.5.21
OR
phpphpMatch5.5.22
OR
phpphpMatch5.5.23
OR
phpphpMatch5.6.0
OR
phpphpMatch5.6.1
OR
phpphpMatch5.6.2
OR
phpphpMatch5.6.3
OR
phpphpMatch5.6.4
OR
phpphpMatch5.6.5
OR
phpphpMatch5.6.6
OR
phpphpMatch5.6.7

Related

cve 2
prion 2
cvelist 2
nvd 1
ubuntucve 2
nessus 24
f5 2
openvas 19
suse 5
ubuntu 1
oraclelinux 4
redhat 4
securityvulns 2
ibm 4
osv 1
veracode 2
debian 1
centos 2
rosalinux 1
cve
cve
CVE-2015-4600
2016-05-16 10:59:07
CVE-2015-4601
2016-05-16 10:59:08
prion
prion
Type confusion
2016-05-16 10:59:00
Type confusion
2016-05-16 10:59:00
cvelist
cvelist
CVE-2015-4600
2016-05-16 10:00:00
CVE-2015-4601
2016-05-16 10:00:00
nvd
nvd
CVE-2015-4601
2016-05-16 10:59:08
ubuntucve
ubuntucve
CVE-2015-4600
2015-06-23 00:00:00
CVE-2015-4601
2015-06-23 00:00:00
nessus
nessus
F5 Networks BIG-IP : Multiple PHP vulnerabilities (K17061)
2016-02-18 00:00:00
SUSE SLES11 Security Update : PHP (SUSE-SU-2015:1265-1)
2015-07-21 00:00:00
openSUSE Security Update : php5 (openSUSE-2015-471)
2015-07-07 00:00:00
f5
f5
SOL17061 - Multiple PHP vulnerabilities
2015-08-07 00:00:00
K17061 : Multiple PHP vulnerabilities
2015-08-07 00:00:00
openvas
openvas
SUSE: Security Advisory for PHP (SUSE-SU-2015:1265-1)
2015-10-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1265-1)
2021-06-09 00:00:00
PHP Multiple Vulnerabilities - 03 (Jun 2015) - Linux
2015-06-17 00:00:00
suse
suse
Security update for PHP (important)
2015-07-17 20:09:41
Security update for php5 (important)
2015-07-06 10:05:40
Security update for php5 (important)
2015-07-17 11:08:12
ubuntu
ubuntu
PHP vulnerabilities
2015-07-06 00:00:00
oraclelinux
oraclelinux
php55 security and bug fix update
2016-02-04 00:00:00
php security update
2015-07-09 00:00:00
php54 security and bug fix update
2016-02-04 00:00:00
redhat
redhat
(RHSA-2015:1053) Moderate: php55 security and bug fix update
2015-06-04 00:00:00
(RHSA-2015:1218) Moderate: php security update
2015-07-09 00:00:00
(RHSA-2015:1066) Important: php54 security and bug fix update
2015-06-04 00:00:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2015-07-13 00:00:00
[USN-2658-1] PHP vulnerabilities
2015-07-13 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in php affect IBM Flex System Manger (FSM)
2019-01-31 02:10:01
Security Bulletin: Multiple vulnerabilities affect IBM Flex System Chassis Management Module
2019-01-31 02:25:02
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by multiple vulnerabilities in GNU C Library (glibc), krb5 and php
2020-11-02 20:22:51
osv
osv
php5 - security update
2015-09-07 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:39:29
Integer Overflow
2019-05-02 05:40:32
debian
debian
[SECURITY] [DLA 307-1] php5 security update
2015-09-07 20:21:46
centos
centos
php security update
2015-07-09 19:23:41
php security update
2015-06-24 03:28:02
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

0.066 Low

EPSS

Percentile

93.8%

JSON
Related for NVD:CVE-2015-4600
cve2prion2cvelist2nvd1ubuntucve2nessus24f52openvas19suse5ubuntu1oraclelinux4redhat4securityvulns2ibm4osv1veracode2debian1centos2rosalinux1