EUVD-2015-4619

Malware in sbrugna...

K17061: Multiple PHP vulnerabilities

Security Advisory Description CVE-2015-4599 The SoapFault::toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service application crash, or possibly execute arbitrary code...

CVE-2015-4599

The SoapFault::toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service application crash, or possibly execute arbitrary code via an unexpected data type, related to a...

Type confusion

The SoapFault::toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service application crash, or possibly execute arbitrary code via an unexpected data type, related to a...

CVE-2015-4599

The SoapFault::toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service application crash, or possibly execute arbitrary code via an unexpected data type, related to a...

CVE-2015-4599

CVE-2015-4599 affects PHP’s SoapFault::__toString in ext/soap/soap.c. The issue arises from a type confusion when processing unexpected data types, enabling remote attackers to obtain sensitive information, trigger a denial of service (application crash), or possibly execute arbitrary code. Affec...

PHP SoapFault Type Confusion

Type Confusion Infoleak Vulnerability in unserialize with SoapFault Taoguang Chen - Write Date: 2015.3.1 - Release Date: 2015.4.28 A type confusion vulnerability was discovered in unserialize with SoapFault object's toString magic method that can be abused for leaking arbitrary memory blocks...