CVE-2015-4600

16.05.2016, 10:59

The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Vendor	Product	Version
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_hpc_node	7.0
redhat	enterprise_linux_hpc_node_eus	7.1
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_server_eus	7.1
redhat	enterprise_linux_workstation	7.0
php	php	𝑥 ≤ 5.4.39
php	php	5.5.0
php	php	5.5.1
php	php	5.5.2
php	php	5.5.3
php	php	5.5.4
php	php	5.5.5
php	php	5.5.6
php	php	5.5.7
php	php	5.5.8
php	php	5.5.9
php	php	5.5.10
php	php	5.5.11
php	php	5.5.12
php	php	5.5.13
php	php	5.5.14
php	php	5.5.15
php	php	5.5.16
php	php	5.5.17
php	php	5.5.18
php	php	5.5.19
php	php	5.5.20
php	php	5.5.21
php	php	5.5.22
php	php	5.5.23
php	php	5.6.0
php	php	5.6.1
php	php	5.6.2
php	php	5.6.3
php	php	5.6.4
php	php	5.6.5
php	php	5.6.6
php	php	5.6.7

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

php5

vivid	Fixed 5.6.4+dfsg-4ubuntu6.2 released
utopic	Fixed 5.5.12+dfsg-2ubuntu4.6 released
trusty	Fixed 5.5.9+dfsg-1ubuntu4.11 released
precise	Fixed 5.3.10-1ubuntu3.19 released