Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-4599

Опубликовано: 16 мая 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 10
CVSS3: 9.8

Описание

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

РелизСтатусПримечание
devel

released

5.6.9+dfsg-1ubuntu1
esm-infra-legacy/trusty

not-affected

5.5.9+dfsg-1ubuntu4.11
precise

released

5.3.10-1ubuntu3.19
trusty

released

5.5.9+dfsg-1ubuntu4.11
trusty/esm

not-affected

5.5.9+dfsg-1ubuntu4.11
upstream

released

5.6.9+dfsg-1
utopic

released

5.5.12+dfsg-2ubuntu4.6
vivid

released

5.6.4+dfsg-4ubuntu6.2

Показывать по

Ссылки на источники

EPSS

Процентиль: 92%
0.09006
Низкий

10 Critical

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2015-4599

redhat
около 10 лет назад

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

nvd логотип

CVE-2015-4599

CVSS3: 9.8
nvd
около 9 лет назад

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

debian логотип

CVE-2015-4599

CVSS3: 9.8
debian
около 9 лет назад

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4. ...

github логотип

GHSA-w3jf-876q-fvf5

CVSS3: 9.8
github
около 3 лет назад

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

fstec логотип

BDU:2016-01370

fstec
около 9 лет назад

Уязвимость интерпретатора PHP, позволяющая нарушителю вызвать отказ в обслуживании, получить конфиденциальную информацию или выполнить произвольный код

EPSS

Процентиль: 92%
0.09006
Низкий

10 Critical

CVSS2

9.8 Critical

CVSS3