Уязвимость CVE-2015-4147

Пакет	Статус	Версия исправления	Релиз	Тип
php5	fixed	5.6.7+dfsg-1		package
php5	fixed	5.4.39-0+deb7u1	wheezy	package

CVE-2015-4147

ubuntu

около 10 лет назад

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.

CVE-2015-4147

redhat

больше 10 лет назад

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.

CVE-2015-4147

nvd

около 10 лет назад

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.

GHSA-qrgv-5qfv-5c76

github

около 3 лет назад

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.

BDU:2022-02535

CVSS3: 6.5

fstec

около 10 лет назад

Уязвимость метода soapclient::__call интерпретатора языка программирования PHP, позволяющая нарушителю выполнить произвольный код

exploitDog

CVE-2015-4147

Описание

Пакеты

Примечания

Связанные уязвимости