Lucene search
UbuntuUSN-2786-1HistoryOct 28, 2015 - 12:00 a.m.
PHP vulnerabilities
2015-10-2800:00:00
ubuntu.com
33
8.5 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.066 Low
EPSS
Percentile
93.8%
Releases
- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- php5 - HTML-embedded scripting language interpreter
Details
It was discovered that the PHP phar extension incorrectly handled certain
files. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service. (CVE-2015-7803, CVE-2015-7804)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 15.10 | noarch | libapache2-mod-php5 | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | libapache2-mod-php5-dbgsym | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | libapache2-mod-php5filter | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | libapache2-mod-php5filter-dbgsym | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | libphp5-embed | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | libphp5-embed-dbgsym | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | php-pear | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | php5 | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | php5-cgi | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.10 | noarch | php5-cgi-dbgsym | < 5.6.11+dfsg-1ubuntu3.1 | UNKNOWN |
Related
nessus
nessus
Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2786-1)
2015-10-29 00:00:00
PHP 5.6.x < 5.6.14 Multiple Vulnerabilities
2015-10-06 00:00:00
PHP 5.5.x < 5.5.30 Multiple Vulnerabilities
2015-10-06 00:00:00
securityvulns
securityvulns
[USN-2786-1] PHP vulnerabilities
2015-11-02 00:00:00
PHP security vulnerabilities
2015-11-02 00:00:00
f5
f5
K17503 : PHP vulnerabilities CVE-2015-7803 and CVE-2015-7804
2015-10-29 00:00:00
SOL17503 - PHP vulnerabilities CVE-2015-7803 and CVE-2015-7804
2015-10-29 00:00:00
debian
debian
[SECURITY] [DSA 3380-1] php5 security update
2015-10-27 18:43:43
[SECURITY] [DLA 341-1] php5 security update
2015-11-08 18:51:20
openvas
openvas
Debian: Security Advisory (DSA-3380-1)
2015-10-26 00:00:00
Debian Security Advisory DSA 3380-1 (php5 - security update)
2015-10-27 00:00:00
PHP Multiple Denial of Service Vulnerabilities - 01 (Dec 2015) - Windows
2015-12-15 00:00:00
osv
osv
php5 - security update
2015-10-27 00:00:00
php5 - security update
2015-11-08 00:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2015-10-01 00:00:00
slackware
slackware
[slackware-security] php
2016-02-04 00:07:13
ubuntucve
ubuntucve
CVE-2015-7804
2015-10-12 00:00:00
CVE-2015-7803
2015-10-12 00:00:00
hackerone
hackerone
Internet Bug Bounty: Uninitialized pointer in phar_make_dirstream
2015-09-05 00:00:00
Internet Bug Bounty: Null pointer dereference in phar_get_fp_offset()
2015-05-28 00:00:00
cve
cve
CVE-2015-7804
2015-12-11 12:00:00
CVE-2015-7803
2015-12-11 12:00:00
prion
prion
Null pointer dereference
2015-12-11 12:00:00
Null pointer dereference
2015-12-11 12:00:00
amazon
amazon
Medium: php55
2015-10-20 14:52:00
Medium: php56
2015-10-20 14:50:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:27:42
Use After Free
2019-05-02 05:27:42
Denial Of Service (DoS)
2019-05-02 05:27:42
redhat
redhat
(RHSA-2016:0457) Moderate: rh-php56-php security update
2016-03-15 00:00:00
suse
suse
Security update for php53 (important)
2016-04-25 19:08:08
Security update for php53 (important)
2016-06-14 20:07:58
Security update for php53 (important)
2016-06-21 13:08:17
gentoo
gentoo
PHP: Multiple vulnerabilities
2016-06-19 00:00:00
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
8.5 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.066 Low
EPSS
Percentile
93.8%
Related for USN-2786-1