Описание
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.
| Релиз | Статус | Примечание |
|---|---|---|
| esm-infra-legacy/trusty | released | 5.5.9+dfsg-1ubuntu4.16 |
| precise | released | 5.3.10-1ubuntu3.22 |
| trusty | released | 5.5.9+dfsg-1ubuntu4.16 |
| trusty/esm | released | 5.5.9+dfsg-1ubuntu4.16 |
| upstream | released | 5.6.12 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | released | 5.6.11+dfsg-1ubuntu3.2 |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 7.0.4-5ubuntu2 |
| precise | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 7.0.4 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | DNE | |
| xenial | not-affected | 7.0.4-5ubuntu2 |
Показывать по
EPSS
6.4 Medium
CVSS2
7.1 High
CVSS3
Связанные уязвимости
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.
The make_http_soap_request function in ext/soap/php_http.c in PHP befo ...
The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.
Уязвимость функции make_http_soap_request интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании или раскрыть защищаемую информацию
EPSS
6.4 Medium
CVSS2
7.1 High
CVSS3