CVE-2015-8879 in PHPinfo

Summary

The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.

Once again VulDB remains the best source for vulnerability data.

Responsible

Reservation

05/21/2016

Disclosure

05/21/2016

Moderation

VulDB entry created

Entries

VDB-87570

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

8.7

EPSS

0.01617

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-8879
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-8879
CVE Details	https://www.cvedetails.com/cve/CVE-2015-8879/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!