Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-4644

Опубликовано: 16 мая 2016
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.

РелизСтатусПримечание
devel

released

5.6.9+dfsg-1ubuntu1
esm-infra-legacy/trusty

released

5.5.9+dfsg-1ubuntu4.11
precise

released

5.3.10-1ubuntu3.19
trusty

released

5.5.9+dfsg-1ubuntu4.11
trusty/esm

released

5.5.9+dfsg-1ubuntu4.11
upstream

released

5.4.42,5.5.26,5.6.10
utopic

released

5.5.12+dfsg-2ubuntu4.6
vivid

released

5.6.4+dfsg-4ubuntu6.2

Показывать по

Ссылки на источники

EPSS

Процентиль: 93%
0.09888
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2015-4644

redhat
больше 10 лет назад

The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.

nvd логотип

CVE-2015-4644

CVSS3: 7.5
nvd
больше 9 лет назад

The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.

debian логотип

CVE-2015-4644

CVSS3: 7.5
debian
больше 9 лет назад

The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgs ...

github логотип

GHSA-xhh6-8vwc-47w8

CVSS3: 7.5
github
больше 3 лет назад

The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.

fstec логотип

BDU:2016-01361

fstec
больше 9 лет назад

Уязвимость интерпретатора PHP, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 93%
0.09888
Низкий

5 Medium

CVSS2

7.5 High

CVSS3