Vulnerability Name: | CVE-2015-7804 (CCN-106903) | ||||||||||||||||||||
Assigned: | 2015-10-05 | ||||||||||||||||||||
Published: | 2015-10-05 | ||||||||||||||||||||
Updated: | 2016-12-07 | ||||||||||||||||||||
Summary: | Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive. <a href="http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html">Per Advisory: The attack can lead to remote code execution | ||||||||||||||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) 4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
| ||||||||||||||||||||
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||
Vulnerability Type: | CWE-189 | ||||||||||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2015-7804 Source: CONFIRM Type: UNKNOWN http://git.php.net/?p=php-src.git;a=commit;h=1ddf72180a52d247db88ea42a3e35f824a8fbda1 Source: APPLE Type: UNKNOWN APPLE-SA-2015-12-08-3 Source: SUSE Type: UNKNOWN openSUSE-SU-2016:0251 Source: CCN Type: PHP Web site Fixed bug #70433 (Uninitialized pointer in phar_make_dirstream when zip entry filename is "/") Source: CCN Type: RHSA-2016-0457 Moderate: rh-php56-php security update Source: DEBIAN Type: UNKNOWN DSA-3380 Source: MLIST Type: UNKNOWN [oss-security] 20151005 CVE request: issues fixed in PHP 5.6.14 and 5.5.30 Source: CONFIRM Type: UNKNOWN http://www.php.net/ChangeLog-5.php Source: BID Type: UNKNOWN 76959 Source: CCN Type: BID-76959 PHP PHAR Multiple Denial of Service Vulnerabilities Source: SLACKWARE Type: UNKNOWN SSA:2016-034-04 Source: UBUNTU Type: UNKNOWN USN-2786-1 Source: CONFIRM Type: Vendor Advisory https://bugs.php.net/bug.php?id=70433 Source: XF Type: UNKNOWN php-pharmakedirstream-dos(106903) Source: GENTOO Type: UNKNOWN GLSA-201606-10 Source: CONFIRM Type: Vendor Advisory https://support.apple.com/HT205637 | ||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
BACK |