CVE-2015-6831
php: Use After Free Vulnerability in unserialize()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.
Múltiples vulnerabilidades de uso después de liberación de memoria en SPL en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 permiten a atacantes remotos ejecutar código arbitrario involucrando vectores (1) ArrayObject, (2) SplObjectStorage y (3) SplDoublyLinkedList, los cuales no son manejados adecuadamente durante la deserialización.
A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. Multiple flaws were found in the way the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-09-08 CVE Reserved
- 2015-10-01 CVE Published
- 2024-08-06 CVE Updated
- 2025-04-12 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2015/08/19/3 | Mailing List |
|
| http://www.php.net/ChangeLog-5.php | X_refsource_confirm | |
| http://www.securityfocus.com/bid/76737 | Vdb Entry | |
| https://bugs.php.net/bug.php?id=70155 | X_refsource_confirm | |
| https://bugs.php.net/bug.php?id=70166 | X_refsource_confirm | |
| https://bugs.php.net/bug.php?id=70168 | X_refsource_confirm | |
| https://bugs.php.net/bug.php?id=70169 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2015/dsa-3344 | 2023-11-07 | |
| https://security.gentoo.org/glsa/201606-10 | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2015-6831 | 2016-03-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1256290 | 2016-03-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | < 5.4.44 Search vendor "Php" for product "Php" and version " < 5.4.44" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 5.5.0 < 5.5.28 Search vendor "Php" for product "Php" and version " >= 5.5.0 < 5.5.28" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 5.6.0 < 5.6.12 Search vendor "Php" for product "Php" and version " >= 5.6.0 < 5.6.12" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||