Lucene search

K

PRIOn knowledge basePRION:CVE-2015-3307

HistoryJun 09, 2015 - 6:59 p.m.

Heap overflow

2015-06-0918:59:00

PRIOn knowledge base

www.prio-n.com

6

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.082 Low

EPSS

Percentile

94.2%

The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.

CPENameOperatorVersion
mac_os_xle10.10.4
mac_os_xle10.10.4
phpeq5.5.0 alpha1
phpeq5.6.0 alpha5
phpeq5.6.5
phpeq5.5.0 alpha3
phple5.4.39
phpeq5.5.19
phpeq5.5.0 beta3
phpeq5.5.0

Rows per page:

1-10 of 591

References

lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

rhn.redhat.com/errata/RHSA-2015-1066.html

rhn.redhat.com/errata/RHSA-2015-1135.html

rhn.redhat.com/errata/RHSA-2015-1186.html

rhn.redhat.com/errata/RHSA-2015-1187.html

rhn.redhat.com/errata/RHSA-2015-1218.html

www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

www.securityfocus.com/bid/74703

bugs.php.net/bug.php?id=69443

bugzilla.redhat.com/show_bug.cgi?id=1223441

support.apple.com/kb/HT205031

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.082 Low

EPSS

Percentile

94.2%

Related for PRION:CVE-2015-3307

f51 hackerone1 cve1 ubuntucve1 openvas13 osv2 nessus21 veracode19 redhat5 oraclelinux4 debian1 centos2 securityvulns2 rosalinux1