Lucene search

Ubuntu.comUB:CVE-2015-8880

HistoryMay 22, 2016 - 12:00 a.m.

CVE-2015-8880

2016-05-2200:00:00

ubuntu.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.7%

JSON

Double free vulnerability in the format printer in PHP 7.x before 7.0.1
allows remote attackers to have an unspecified impact by triggering an
error.

Notes

Author	Note
sbeattie	PEAR issues should go against php-pear as of xenial

References

php.net/ChangeLog-7.php

launchpad.net/bugs/cve/CVE-2015-8880

nvd.nist.gov/vuln/detail/CVE-2015-8880

security-tracker.debian.org/tracker/CVE-2015-8880

www.cve.org/CVERecord?id=CVE-2015-8880

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.7%

JSON

Related for UB:CVE-2015-8880