Lucene search
Ubuntu.comUB:CVE-2015-4021HistoryJun 09, 2015 - 12:00 a.m.
CVE-2015-4021
2015-06-0900:00:00
ubuntu.com
ubuntu.com
11
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.74 High
EPSS
Percentile
98.1%
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41,
5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first
character of a filename is different from the \0 character, which allows
remote attackers to cause a denial of service (integer underflow and memory
corruption) via a crafted entry in a tar archive.
Bugs
References
Related
checkpoint_advisories
checkpoint_advisories
PHP phar_parse_tarfile method Integer Overflow (CVE-2015-4021)
2015-07-20 00:00:00
cve
cve
CVE-2015-4021
2015-06-09 18:59:00
f5
f5
SOL17070 - PHP vulnerability CVE-2015-4021
2015-08-06 00:00:00
K17070 : PHP vulnerability CVE-2015-4021
2015-08-06 00:00:00
prion
prion
Integer overflow
2015-06-09 18:59:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:06:33
Denial Of Service (DoS)
2019-05-02 05:39:55
Improper Input Validation
2019-05-02 05:39:55
hackerone
hackerone
nessus
nessus
openSUSE Security Update : php5 (openSUSE-2015-396)
2015-06-04 00:00:00
Amazon Linux AMI : php55 (ALAS-2015-535)
2015-06-04 00:00:00
PHP 5.4.x < 5.4.41 / 5.5.x < 5.5.25 Multiple Vulnerabilities
2015-06-18 00:00:00
mageia
mageia
Updated php packages fix security vulnerabilities
2015-05-18 22:08:05
openvas
openvas
PHP Multiple Vulnerabilities - 02 - Jun15 (Linux)
2015-06-16 00:00:00
PHP Multiple Vulnerabilities - 02 - Jun15 (Windows)
2015-06-16 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-535)
2015-09-08 00:00:00
amazon
amazon
Medium: php55
2015-06-02 22:21:00
Important: php56
2015-06-02 22:22:00
Important: php54
2015-06-02 22:20:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2015-06-13 00:00:00
[SECURITY] [DSA 3280-1] php5 security update
2015-06-08 00:00:00
PHP multiple security vulnerabilities
2015-07-13 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: php-5.6.9-1.fc21
2015-05-27 16:13:20
[SECURITY] Fedora 22 Update: php-5.6.9-1.fc22
2015-05-26 03:40:42
[SECURITY] Fedora 20 Update: php-5.5.25-1.fc20
2015-05-27 16:23:41
freebsd
freebsd
php -- multiple vulnerabilities
2015-05-14 00:00:00
debian
debian
[SECURITY] [DSA 3280-1] php5 security update
2015-06-07 17:06:52
[SECURITY] [DLA 307-1] php5 security update
2015-09-07 20:21:46
redhat
redhat
(RHSA-2015:1219) Moderate: php54-php security update
2015-07-09 00:00:00
(RHSA-2015:1186) Important: php55-php security update
2015-06-25 00:00:00
(RHSA-2015:1187) Important: rh-php56-php security update
2015-06-25 00:00:00
osv
osv
php5 - security update
2015-06-07 00:00:00
php5 - security update
2015-09-07 00:00:00
slackware
slackware
[slackware-security] php
2015-06-11 23:01:25
oraclelinux
oraclelinux
php54-php security update
2016-02-04 00:00:00
php55-php security update
2016-02-04 00:00:00
php security update
2015-07-09 00:00:00
suse
suse
Security update for php5 (important)
2015-07-17 10:12:10
Security update for php5 (important)
2015-07-17 11:08:12
Security update for php53 (important)
2016-06-21 13:08:17
ubuntu
ubuntu
PHP vulnerabilities
2015-07-06 00:00:00
centos
centos
php security update
2015-07-09 19:23:41
php security update
2015-06-24 03:28:02
gentoo
gentoo
PHP: Multiple vulnerabilities
2016-06-19 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.74 High
EPSS
Percentile
98.1%
Related for UB:CVE-2015-4021