CVSS: 7.5EPSS: 7%CPEs: 39EXPL: 0CVE-2015-4644 – php: NULL pointer dereference in php_pgsql_meta_data()
https://notcve.org/view.php?id=CVE-2015-4644
07 Jul 2015 — The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352. La función php_pgsql_meta_data en pgsql.c en la extensión PostgreSQL (también conocida como pgsq... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 6%CPEs: 41EXPL: 1CVE-2015-4605 – php: denial of service when processing a crafted file with Fileinfo
https://notcve.org/view.php?id=CVE-2015-4605
23 Jun 2015 — The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule. La función mcopy en softmagic.c en file 5.x, tal como se utiliza en el componente Fileinfo en PHP en versiones anter... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 8%CPEs: 39EXPL: 1CVE-2015-4600 – php: type confusion issue in unserialize() with various SOAP methods
https://notcve.org/view.php?id=CVE-2015-4600
23 Jun 2015 — The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods. La implementac... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 6%CPEs: 41EXPL: 1CVE-2015-4604 – php: denial of service when processing a crafted file with Fileinfo
https://notcve.org/view.php?id=CVE-2015-4604
23 Jun 2015 — The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule. La función mget en softmagic.c en file 5.x, tal como se utiliza en el componente Fileinfo en PHP en versiones... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 6%CPEs: 7EXPL: 0CVE-2015-4601 – php: type confusion issue in unserialize() with various SOAP methods
https://notcve.org/view.php?id=CVE-2015-4601
23 Jun 2015 — PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600. PHP en versiones anteriores a 5.6.7 podría permitir a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecuar código arbitrario a través de un tipo de dato... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 12%CPEs: 41EXPL: 1CVE-2015-4602 – php: Incomplete Class unserialization type confusion
https://notcve.org/view.php?id=CVE-2015-4602
23 Jun 2015 — The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue. La función __PHP_Incomplete_Class en ext/standard/incomplete_class.c en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 permite a at... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fb83c76deec58f1fab17c350f04c9f042e5977d1 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.3EPSS: 1%CPEs: 41EXPL: 1CVE-2015-3412 – php: missing null byte checks for paths in various PHP extensions
https://notcve.org/view.php?id=CVE-2015-3412
23 Jun 2015 — PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension. PHP en versiones anteriores a 5.5.40, 5.5.x en versiones an... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVSS: 6.5EPSS: 0%CPEs: 41EXPL: 1CVE-2015-3411 – php: missing null byte checks for paths in various PHP extensions
https://notcve.org/view.php?id=CVE-2015-3411
23 Jun 2015 — PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files. PHP en versiones... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4435b9142ff9813845d5c97ab29a5d637bedb257 • CWE-20: Improper Input Validation CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVSS: 7.5EPSS: 0%CPEs: 45EXPL: 0CVE-2015-4598 – php: missing null byte checks for paths in DOM and GD extensions
https://notcve.org/view.php?id=CVE-2015-4598
23 Jun 2015 — PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files. PHP en versiones anteriores a 5.4.42, 5.5.x en versiones anteriores a 5.... • http://php.net/ChangeLog-5.php • CWE-20: Improper Input Validation CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVSS: 10.0EPSS: 6%CPEs: 39EXPL: 1CVE-2015-4599 – php: type confusion issue in unserialize() with various SOAP methods
https://notcve.org/view.php?id=CVE-2015-4599
23 Jun 2015 — The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue. El método SoapFault::__toString en ext/soap/soap.c en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 permite a atacante... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=51856a76f87ecb24fe1385342be43610fb6c86e4 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •