Lucene search
GoogleOSV:DSA-3280-1HistoryJun 07, 2015 - 12:00 a.m.
php5 - security update
2015-06-0700:00:00
Google
osv.dev
14
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Multiple vulnerabilities have been discovered in PHP:
- CVE-2015-4025 /
CVE-2015-4026
Multiple function didn’t check for NULL bytes in path names. - CVE-2015-4024
Denial of service when processing multipart/form-data requests. - CVE-2015-4022
Integer overflow in the ftp_genlist() function may result in
denial of service or potentially the execution of arbitrary code. - CVE-2015-4021
CVE-2015-3329
CVE-2015-2783
Multiple vulnerabilities in the phar extension may result in
denial of service or potentially the execution of arbitrary code
when processing malformed archives.
For the oldstable distribution (wheezy), these problems have been fixed
in version 5.4.41-0+deb7u1.
For the stable distribution (jessie), these problems have been fixed in
version 5.6.9+dfsg-0+deb8u1.
For the testing distribution (stretch), these problems have been fixed
in version 5.6.9+dfsg-1.
For the unstable distribution (sid), these problems have been fixed in
version 5.6.9+dfsg-1.
We recommend that you upgrade your php5 packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| php5 | eq | 5.6.7+dfsg-1 |
References
Related
openvas
openvas
Debian Security Advisory DSA 3280-1 (php5 - security update)
2015-06-07 00:00:00
Debian Security Advisory DSA 3280-1 (php5 - security update)
2015-06-07 00:00:00
PHP Multiple Vulnerabilities - 02 - Jun15 (Windows)
2015-06-16 00:00:00
debian
debian
[SECURITY] [DSA 3280-1] php5 security update
2015-06-07 17:06:52
[SECURITY] [DLA 307-1] php5 security update
2015-09-07 20:21:46
[SECURITY] [DLA 212-1] php5 security update
2015-04-29 20:45:33
securityvulns
securityvulns
[SECURITY] [DSA 3280-1] php5 security update
2015-06-08 00:00:00
PHP multiple security vulnerabilities
2015-06-13 00:00:00
PHP security vulnerabilities
2015-05-05 00:00:00
nessus
nessus
Debian DSA-3280-1 : php5 - security update
2015-06-09 00:00:00
Amazon Linux AMI : php55 (ALAS-2015-535)
2015-06-04 00:00:00
openSUSE Security Update : php5 (openSUSE-2015-396)
2015-06-04 00:00:00
amazon
amazon
Medium: php55
2015-06-02 22:21:00
Important: php56
2015-06-02 22:22:00
Important: php54
2015-06-02 22:20:00
mageia
mageia
Updated php packages fix security vulnerabilities
2015-05-18 22:08:05
Updated php packages fix security vulnerabilities
2015-04-25 23:15:07
fedora
fedora
[SECURITY] Fedora 22 Update: php-5.6.9-1.fc22
2015-05-26 03:40:42
[SECURITY] Fedora 21 Update: php-5.6.9-1.fc21
2015-05-27 16:13:20
[SECURITY] Fedora 20 Update: php-5.5.25-1.fc20
2015-05-27 16:23:41
freebsd
freebsd
php -- multiple vulnerabilities
2015-05-14 00:00:00
redhat
redhat
(RHSA-2015:1219) Moderate: php54-php security update
2015-07-09 00:00:00
(RHSA-2015:1186) Important: php55-php security update
2015-06-25 00:00:00
(RHSA-2015:1187) Important: rh-php56-php security update
2015-06-25 00:00:00
slackware
slackware
[slackware-security] php
2015-06-11 23:01:25
veracode
veracode
Heap-based Buffer Overflow
2019-05-02 05:39:55
Arbitrary File Write
2019-05-02 05:39:55
Improper Input Validation
2019-05-02 05:39:56
oraclelinux
oraclelinux
php54-php security update
2016-02-04 00:00:00
php55-php security update
2016-02-04 00:00:00
php security update
2015-07-09 00:00:00
ubuntucve
ubuntucve
f5
f5
K16993 : PHP vulnerabilities CVE-2015-4025 and CVE-2015-4026
2015-07-22 00:00:00
SOL16993 - PHP vulnerabilities CVE-2015-4025 and CVE-2015-4026
2015-07-22 00:00:00
K07052904 : PHP vulnerability CVE-2015-3307
2019-02-11 00:00:00
suse
suse
Security update for php5 (important)
2015-05-12 17:05:25
Security update for php5 (important)
2015-07-17 11:08:12
Security update for php5 (important)
2015-07-17 10:12:10
centos
centos
php security update
2015-07-09 19:23:41
php security update
2015-06-24 03:28:02
hackerone
hackerone
prion
prion
Heap overflow
2015-06-09 18:59:00
Design/Logic Flaw
2015-06-09 18:59:00
Stack overflow
2015-06-09 18:59:00
cve
cve
checkpoint_advisories
checkpoint_advisories
PHP Multipart Remote Denial of Service (CVE-2015-4024)
2015-06-30 00:00:00
PHP ftp_genlist method Integer Overflow (CVE-2015-4022)
2015-07-01 00:00:00
PHP phar_parse_tarfile method Integer Overflow (CVE-2015-4021)
2015-07-20 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2015-07-06 00:00:00
PHP vulnerabilities
2015-04-20 00:00:00
osv
osv
php5 - security update
2015-09-07 00:00:00
php5 - security update
2015-04-29 00:00:00
ibm
ibm
gentoo
gentoo
PHP: Multiple vulnerabilities
2016-06-19 00:00:00
archlinux
archlinux
php: multiple issues
2015-04-17 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for OSV:DSA-3280-1