CVE-2015-3412

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 16-04-2015 02:00

Last modified: - 16-04-2015 02:00

Total changes: - 92

Description

CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions

Common Vulnerability Scoring System (CVSS)

AV:N/AC:H/Au:N/C:P/I:P/A:N

High

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

4.0

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=php-0 AND versionEndExcluding=5.3.3-46.el6_6

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=php-0 AND versionEndExcluding=5.4.16-36.el7_1

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

AND

product=php54-0 AND versionEndExcluding=2.0-1.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-php-0 AND versionEndExcluding=5.4.40-1.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-php-pecl-zendopcache-0 AND versionEndExcluding=7.0.4-3.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php55-php-0 AND versionEndExcluding=5.5.21-4.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=rh-php56-php-0 AND versionEndExcluding=5.6.5-7.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-0 AND versionEndExcluding=2.0-1.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-php-0 AND versionEndExcluding=5.4.40-1.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-php-pecl-zendopcache-0 AND versionEndExcluding=7.0.4-3.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php55-php-0 AND versionEndExcluding=5.5.21-4.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=rh-php56-php-0 AND versionEndExcluding=5.6.5-7.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-0 AND versionEndExcluding=2.0-1.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-php-0 AND versionEndExcluding=5.4.40-1.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-php-pecl-zendopcache-0 AND versionEndExcluding=7.0.4-3.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php55-php-0 AND versionEndExcluding=5.5.21-4.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=rh-php56-php-0 AND versionEndExcluding=5.6.5-7.el6

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-0 AND versionEndExcluding=2.0-1.el7

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-php-0 AND versionEndExcluding=5.4.40-1.el7

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php54-php-pecl-zendopcache-0 AND versionEndExcluding=7.0.4-3.el7

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php55-php-0 AND versionEndExcluding=5.5.21-4.el7

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=rh-php56-php-0 AND versionEndExcluding=5.6.5-7.el7

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php55-php-0 AND versionEndExcluding=5.5.21-4.el7

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=rh-php56-php-0 AND versionEndExcluding=5.6.5-7.el7

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=2

AND

product=php AND version=

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=php53 AND version=

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=php54-php AND version=

vendor=Red Hat Enterprise Linux AND product=rhel_software_collections AND version=1

Reference

Keywords

REDHAT

CVE-2015-3412

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.