Rapid7 Vulnerability & Exploit Database

ELSA-2015-1066 Important: Oracle Linux Software Collections 1.2 for Oracle Linux php54 security and bug fix update

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

ELSA-2015-1066 Important: Oracle Linux Software Collections 1.2 for Oracle Linux php54 security and bug fix update

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

03/30/2015

Created

07/25/2018

Added

02/08/2016

Modified

04/11/2019

Description

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

Solution(s)

oracle-linux-upgrade-php54
oracle-linux-upgrade-php54-php
oracle-linux-upgrade-php54-php-bcmath
oracle-linux-upgrade-php54-php-cli
oracle-linux-upgrade-php54-php-common
oracle-linux-upgrade-php54-php-dba
oracle-linux-upgrade-php54-php-devel
oracle-linux-upgrade-php54-php-enchant
oracle-linux-upgrade-php54-php-fpm
oracle-linux-upgrade-php54-php-gd
oracle-linux-upgrade-php54-php-imap
oracle-linux-upgrade-php54-php-intl
oracle-linux-upgrade-php54-php-ldap
oracle-linux-upgrade-php54-php-mbstring
oracle-linux-upgrade-php54-php-mysqlnd
oracle-linux-upgrade-php54-php-odbc
oracle-linux-upgrade-php54-php-pdo
oracle-linux-upgrade-php54-php-pecl-zendopcache
oracle-linux-upgrade-php54-php-pgsql
oracle-linux-upgrade-php54-php-process
oracle-linux-upgrade-php54-php-pspell
oracle-linux-upgrade-php54-php-recode
oracle-linux-upgrade-php54-php-snmp
oracle-linux-upgrade-php54-php-soap
oracle-linux-upgrade-php54-php-tidy
oracle-linux-upgrade-php54-php-xml
oracle-linux-upgrade-php54-php-xmlrpc
oracle-linux-upgrade-php54-runtime
oracle-linux-upgrade-php54-scldevel

References

https://attackerkb.com/topics/cve-2014-8142
APPLE-SA-2015-06-30-2
APPLE-SA-2015-08-13-2
APPLE-SA-2015-09-30-3
APPLE-SA-2015-10-21-4
71791
71833
71929
72505
72539
72541
72611
72701
73031
73037
73306
73357
73431
73434
74204
74239
74240
74413
74703
75103
75233
75241
75246
75249
75250
75251
75252
75255
695940
CVE - 2014-8142
CVE - 2014-9427
CVE - 2014-9652
CVE - 2014-9705
CVE - 2014-9709
CVE - 2015-0231
CVE - 2015-0232
CVE - 2015-0273
CVE - 2015-1351
CVE - 2015-2301
CVE - 2015-2305
CVE - 2015-2348
CVE - 2015-2783
CVE - 2015-2787
CVE - 2015-3307
CVE - 2015-3329
CVE - 2015-3330
CVE - 2015-3411
CVE - 2015-3412
CVE - 2015-4147
CVE - 2015-4148
CVE - 2015-4599
CVE - 2015-4600
CVE - 2015-4601
CVE - 2015-4602
CVE - 2015-4603
CVE - 2015-4604
CVE - 2015-4605
DSA-3117
DSA-3195
DSA-3198
DSA-3215
DSA-3280
Category I
V0061337
2015-A-0199
RHSA-2015:1053
RHSA-2015:1066
RHSA-2015:1135
RHSA-2015:1186
RHSA-2015:1187
RHSA-2015:1218
http://oss.oracle.com/pipermail/el-errata/2016-February/005746.html
http://oss.oracle.com/pipermail/el-errata/2016-February/005751.html

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

ELSA-2015-1066 Important: Oracle Linux Software Collections 1.2 for Oracle Linux php54 security and bug fix update

ELSA-2015-1066 Important: Oracle Linux Software Collections 1.2 for Oracle Linux php54 security and bug fix update

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.