Lucene search

K
ubuntuUbuntuUSN-2535-1
HistoryMar 18, 2015 - 12:00 a.m.

PHP vulnerabilities

2015-03-1800:00:00
ubuntu.com
55

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.955 High

EPSS

Percentile

99.3%

Releases

  • Ubuntu 14.10
  • Ubuntu 14.04 ESM
  • Ubuntu 12.04
  • Ubuntu 10.04

Packages

  • php5 - HTML-embedded scripting language interpreter

Details

Thomas Jarosch discovered that PHP incorrectly limited recursion in the
fileinfo extension. A remote attacker could possibly use this issue to
cause PHP to consume resources or crash, resulting in a denial of service.
(CVE-2014-8117)

S. Paraschoudis discovered that PHP incorrectly handled memory in the
enchant binding. A remote attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2014-9705)

Taoguang Chen discovered that PHP incorrectly handled unserializing
objects. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-0273)

It was discovered that PHP incorrectly handled memory in the phar
extension. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-2301)

OSVersionArchitecturePackageVersionFilename
Ubuntu14.10noarchlibapache2-mod-php5< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Ubuntu14.10noarchlibapache2-mod-php5filter< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Ubuntu14.10noarchlibphp5-embed< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Ubuntu14.10noarchphp5-cgi< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Ubuntu14.10noarchphp5-cli< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Ubuntu14.10noarchphp5-common< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Ubuntu14.10noarchphp5-curl< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Ubuntu14.10noarchphp5-dbg< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Ubuntu14.10noarchphp5-dev< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Ubuntu14.10noarchphp5-enchant< 5.5.12+dfsg-2ubuntu4.3UNKNOWN
Rows per page:
1-10 of 1061

8.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.955 High

EPSS

Percentile

99.3%