| Vulnerability Name: | CVE-2015-8865 (CCN-113955) | ||||||||||||||||||||||||||||||||||||
| Assigned: | 2016-05-20 | ||||||||||||||||||||||||||||||||||||
| Published: | 2016-05-20 | ||||||||||||||||||||||||||||||||||||
| Updated: | 2018-06-30 | ||||||||||||||||||||||||||||||||||||
| Summary: | The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file. | ||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 7.3 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) 6.4 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-119 | ||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||
| References: | Source: CONFIRM Type: UNKNOWN http://bugs.gw.com/view.php?id=522 Source: MITRE Type: CNA CVE-2015-8865 Source: CONFIRM Type: UNKNOWN http://git.php.net/?p=php-src.git;a=commit;h=fe13566c93f118a15a96320a546c7878fd0cfc5e Source: APPLE Type: UNKNOWN APPLE-SA-2016-05-16-4 Source: SUSE Type: UNKNOWN openSUSE-SU-2016:1167 Source: CCN Type: RHSA-2016-2750 Moderate: rh-php56 security, bug fix, and enhancement update Source: REDHAT Type: UNKNOWN RHSA-2016:2750 Source: DEBIAN Type: UNKNOWN DSA-3560 Source: CCN Type: IBM Security Bulletin 1983416 (Tealeaf Customer Experience) Multiple security issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On Source: CCN Type: IBM Security Bulletin 1988257 (Tealeaf Customer Experience) Multiple vulnerabilities in PHP and memcached libraries affect IBM Tealeaf Customer Experience Source: MLIST Type: UNKNOWN [oss-security] 20160423 Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases Source: CCN Type: PHP Web site PHP: Hypertext Preprocessor Source: CONFIRM Type: UNKNOWN http://www.php.net/ChangeLog-5.php Source: CONFIRM Type: UNKNOWN http://www.php.net/ChangeLog-7.php Source: BID Type: UNKNOWN 85802 Source: CCN Type: BID-85802 PHP 'finfo_open()' Function Denial of Service Vulnerability Source: UBUNTU Type: UNKNOWN USN-2952-1 Source: UBUNTU Type: UNKNOWN USN-2952-2 Source: CONFIRM Type: Exploit https://bugs.php.net/bug.php?id=71527 Source: XF Type: UNKNOWN php-cve20158865-code-exec(113955) Source: CONFIRM Type: UNKNOWN https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36 Source: CONFIRM Type: UNKNOWN https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 Source: GENTOO Type: UNKNOWN GLSA-201611-22 Source: GENTOO Type: UNKNOWN GLSA-201701-42 Source: CONFIRM Type: UNKNOWN https://support.apple.com/HT206567 Source: UBUNTU Type: UNKNOWN USN-3686-1 Source: UBUNTU Type: UNKNOWN USN-3686-2 Source: CCN Type: WhiteSource Vulnerability Database CVE-2015-8865 | ||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||