CVE-2015-4644

The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
VendorProductVersion
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
phpphp
𝑥
≤ 5.4.41
phpphp
5.5.0
phpphp
5.5.1
phpphp
5.5.2
phpphp
5.5.3
phpphp
5.5.4
phpphp
5.5.5
phpphp
5.5.6
phpphp
5.5.7
phpphp
5.5.8
phpphp
5.5.9
phpphp
5.5.10
phpphp
5.5.11
phpphp
5.5.12
phpphp
5.5.13
phpphp
5.5.14
phpphp
5.5.15
phpphp
5.5.16
phpphp
5.5.17
phpphp
5.5.18
phpphp
5.5.19
phpphp
5.5.20
phpphp
5.5.21
phpphp
5.5.22
phpphp
5.5.23
phpphp
5.5.24
phpphp
5.5.25
phpphp
5.6.0
phpphp
5.6.1
phpphp
5.6.2
phpphp
5.6.3
phpphp
5.6.4
phpphp
5.6.5
phpphp
5.6.6
phpphp
5.6.7
phpphp
5.6.8
phpphp
5.6.9
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
php5
vivid
Fixed 5.6.4+dfsg-4ubuntu6.2
released
utopic
Fixed 5.5.12+dfsg-2ubuntu4.6
released
trusty
Fixed 5.5.9+dfsg-1ubuntu4.11
released
precise
Fixed 5.3.10-1ubuntu3.19
released
References
http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
http://openwall.com/lists/oss-security/2015/06/18/6
http://php.net/ChangeLog-5.php
http://rhn.redhat.com/errata/RHSA-2015-1186.html
http://rhn.redhat.com/errata/RHSA-2015-1187.html
http://www.debian.org/security/2015/dsa-3344
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/75292
http://www.securitytracker.com/id/1032709
https://bugs.php.net/bug.php?id=69667
https://security.gentoo.org/glsa/201606-10
http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2cc4e69cc6d8dbc4b3568ad3dd583324a7c11d64
http://openwall.com/lists/oss-security/2015/06/18/6
http://php.net/ChangeLog-5.php
http://rhn.redhat.com/errata/RHSA-2015-1186.html
http://rhn.redhat.com/errata/RHSA-2015-1187.html
http://www.debian.org/security/2015/dsa-3344
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/75292
http://www.securitytracker.com/id/1032709
https://bugs.php.net/bug.php?id=69667
https://security.gentoo.org/glsa/201606-10