Vulnerability & Exploit Database

Displaying all 3 entries

Results for: CVE-2015-4628 Back to search

Alpine Linux: CVE-2015-6833: php multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: January 19, 2016

Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call.

Alpine Linux: CVE-2015-6832: php multiple vulnerabilities Vulnerability

  • Severity: 8
  • Published: January 19, 2016

Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.

Alpine Linux: CVE-2015-6831: php multiple vulnerabilities Vulnerability

  • Severity: 8
  • Published: January 19, 2016

Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.