Lucene search
Arch LinuxASA-201501-17HistoryJan 23, 2015 - 12:00 a.m.
php: remote code execution
2015-01-2300:00:00
Arch Linux
lists.archlinux.org
82
0.88 High
EPSS
Percentile
98.7%
- CVE-2014-9427 (information leak, remote code execution)
A one-byte file containing only the ‘#’ character, not followed by any
newline, causes php-cgi to do an out of bound read, potentially
disclosing sensitive information present in memory or even triggering
code execution if adjacent memory location contains valid PHP code.
- CVE-2015-0231 (remote code execution)
A use-after-free vulnerability in unserialize() allows a remote attacker
to execute arbitrary code. This vulnerability results from an incomplete
fix for CVE-2014-8142.
- CVE-2015-0232 (remote code execution)
An attempt to free an uninitialized pointer may result in arbitrary code
execution while parsing exif information from a carefully crafted file.
Related
nessus
nessus
Amazon Linux AMI : php54 (ALAS-2015-475)
2015-02-13 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2015:032)
2015-02-06 00:00:00
Amazon Linux AMI : php55 (ALAS-2015-474)
2015-02-13 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: php-5.6.5-1.fc21
2015-02-06 03:59:46
[SECURITY] Fedora 20 Update: php-5.5.21-1.fc20
2015-02-06 04:03:31
[SECURITY] Fedora 21 Update: php-5.6.4-2.fc21
2014-12-29 09:59:23
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2015-475)
2015-09-08 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-474)
2015-09-08 00:00:00
Fedora Update for php FEDORA-2015-1058
2015-02-06 00:00:00
amazon
amazon
securityvulns
securityvulns
[ MDVSA-2015:032 ] php
2015-02-11 00:00:00
[USN-2501-1] PHP vulnerabilities
2015-02-22 00:00:00
PHP multiple security vulnerabilities
2015-02-22 00:00:00
suse
suse
Security update for php5 (important)
2015-02-24 11:05:36
gentoo
gentoo
PHP: Multiple vulnerabilities
2015-03-08 00:00:00
f5
f5
K16339 : Multiple PHP vulnerabilities CVE-2014-9425, CVE-2014-9426, CVE-2014-9427, CVE-2015-0231, and CVE-2015-0232
2015-04-01 00:00:00
SOL16339 - Multiple PHP vulnerabilities CVE-2014-9425, CVE-2014-9426, CVE-2014-9427, CVE-2015-0231, and CVE-2015-0232
2015-04-01 00:00:00
K16021 : PHP vulnerability CVE-2014-8142
2015-01-22 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2015-02-17 00:00:00
nvd
nvd
ubuntucve
ubuntucve
cve
cve
checkpoint_advisories
checkpoint_advisories
prion
prion
Design/Logic Flaw
2015-01-27 20:03:00
Out-of-bounds
2015-01-03 02:59:00
Null pointer dereference
2015-01-27 20:04:00
cvelist
cvelist
mageia
mageia
Updated php packages fix security vulnerabilities
2015-01-28 00:08:29
Updated php packages fix CVE-2014-8142
2014-12-21 23:47:32
exploitpack
exploitpack
eFront 3.6.15 - PHP Object Injection
2015-05-11 00:00:00
debian
debian
[SECURITY] [DSA 3117-1] php5 security update
2014-12-31 14:47:01
[SECURITY] [DSA 3117-1] php5 security update
2014-12-31 14:47:01
[SECURITY] [DSA 3195-1] php5 security update
2015-03-18 11:56:46
exploitdb
exploitdb
eFront 3.6.15 - PHP Object Injection
2015-05-11 00:00:00
archlinux
archlinux
php: use after free
2014-12-19 00:00:00
threatpost
threatpost
PHP 5.6.5 Released With Several Security Fixes
2015-01-23 11:02:39
hackerone
hackerone
Internet Bug Bounty: out of bounds read crashes php-cgi
2014-12-17 00:00:00
packetstorm
packetstorm
eFront 3.6.15 PHP Object Injection
2015-05-09 00:00:00
osv
osv
php5 - security update
2015-03-18 00:00:00
php5 - security update
2015-04-29 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:39:23
Use-After-Free
2019-05-02 05:39:23
Out-Of-Bounds Read
2019-05-02 05:39:22
slackware
slackware
[slackware-security] php
2014-12-23 05:38:55
redhat
redhat
(RHSA-2015:1053) Moderate: php55 security and bug fix update
2015-06-04 00:00:00
(RHSA-2015:1066) Important: php54 security and bug fix update
2015-06-04 00:00:00
(RHSA-2015:1135) Important: php security and bug fix update
2015-06-23 00:00:00
oraclelinux
oraclelinux
php55 security and bug fix update
2016-02-04 00:00:00
php54 security and bug fix update
2016-02-04 00:00:00
kaspersky
kaspersky
KLA10515 Multiple vulnerabilities in PHP and extensions
2015-03-30 00:00:00
freebsd
freebsd
Several vulnerabilities found in PHP
2015-03-19 00:00:00
centos
centos
php security update
2015-06-24 03:28:02