CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
99.3%
Thomas Jarosch discovered that PHP incorrectly limited recursion in the
fileinfo extension. A remote attacker could possibly use this issue to
cause PHP to consume resources or crash, resulting in a denial of service.
(CVE-2014-8117)
S. Paraschoudis discovered that PHP incorrectly handled memory in the
enchant binding. A remote attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2014-9705)
Taoguang Chen discovered that PHP incorrectly handled unserializing
objects. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-0273)
It was discovered that PHP incorrectly handled memory in the phar
extension. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-2301)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.10 | noarch | libapache2-mod-php5 | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |
Ubuntu | 14.10 | noarch | libapache2-mod-php5filter | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |
Ubuntu | 14.10 | noarch | libphp5-embed | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |
Ubuntu | 14.10 | noarch | php5-cgi | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |
Ubuntu | 14.10 | noarch | php5-cli | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |
Ubuntu | 14.10 | noarch | php5-common | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |
Ubuntu | 14.10 | noarch | php5-curl | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |
Ubuntu | 14.10 | noarch | php5-dbg | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |
Ubuntu | 14.10 | noarch | php5-dev | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |
Ubuntu | 14.10 | noarch | php5-enchant | < 5.5.12+dfsg-2ubuntu4.3 | UNKNOWN |