CVE-2015-6831

EUVD-2015-6767
Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
Affected Products (NVD)
VendorProductVersion
phpphp
𝑥
< 5.4.44
phpphp
5.5.0 ≤
𝑥
< 5.5.28
phpphp
5.6.0 ≤
𝑥
< 5.6.12
debiandebian_linux
7.0
debiandebian_linux
8.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
php5
precise
Fixed 5.3.10-1ubuntu3.20
released
trusty
Fixed 5.5.9+dfsg-1ubuntu4.13
released
vivid
Fixed 5.6.4+dfsg-4ubuntu6.3
released
Common Weakness Enumeration
References
http://www.debian.org/security/2015/dsa-3344
http://www.openwall.com/lists/oss-security/2015/08/19/3
http://www.php.net/ChangeLog-5.php
http://www.securityfocus.com/bid/76737
https://bugs.php.net/bug.php?id=70155
https://bugs.php.net/bug.php?id=70166
https://bugs.php.net/bug.php?id=70168
https://bugs.php.net/bug.php?id=70169
https://security.gentoo.org/glsa/201606-10
http://www.debian.org/security/2015/dsa-3344
http://www.openwall.com/lists/oss-security/2015/08/19/3
http://www.php.net/ChangeLog-5.php
http://www.securityfocus.com/bid/76737
https://bugs.php.net/bug.php?id=70155
https://bugs.php.net/bug.php?id=70166
https://bugs.php.net/bug.php?id=70168
https://bugs.php.net/bug.php?id=70169
https://security.gentoo.org/glsa/201606-10