Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в PHP
Опубликовано:13 июля 2015 г.
Источник:
SecurityVulns ID:14580
Тип:библиотека
Уровень опасности:
8/10
Описание:Выполнение кода, DoS-условия, проблема нулевого байта, раскрытие информации.
Затронутые продукты:PHP : PHP 5.6
CVE:CVE-2015-4644
 CVE-2015-4643
 CVE-2015-4605
 CVE-2015-4604
 CVE-2015-4603
 CVE-2015-4602
 CVE-2015-4601
 CVE-2015-4600
 CVE-2015-4599
 CVE-2015-4598
 CVE-2015-4028
 CVE-2015-4027
 CVE-2015-4026 (The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.)
 CVE-2015-4025 (PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.)
 CVE-2015-4024 (Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.)
 CVE-2015-4022 (Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.)
 CVE-2015-4021 (The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.)
 CVE-2015-3412
 CVE-2015-3411
Оригинальный текстdocumentUBUNTU, [USN-2658-1] PHP vulnerabilities (13.07.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород