CVE-2015-5589 in PHPinfo

Zusammenfassung (Englisch)

The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservieren

17.07.2015

Veröffentlichung

16.05.2016

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
87406	PHP TAR Archive phar_object.c convertToData erweiterte Rechte	20	Nicht definiert	Offizieller Fix	CVE-2015-5589

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

MITRE
NVD
CVE Details

◂ ZurückÜbersichtWeiter ▸

Do you need the next level of professionalism?

Upgrade your account now!