ELSA-2015-1218 Moderate: Oracle Linux php security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | June 09, 2015 | July 10, 2015 | April 11, 2019 |
Description
The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- CVE-2015-4022
- CVE-2015-4024
- CVE-2015-4026
- CVE-2015-4147
- APPLE-APPLE-SA-2015-06-30-2
- APPLE-APPLE-SA-2015-08-13-2
- APPLE-APPLE-SA-2015-09-30-3
- APPLE-APPLE-SA-2015-10-21-4
- BID-71800
- BID-72541
- BID-72701
- BID-73031
- BID-73037
- BID-73306
- BID-73357
- BID-73431
- BID-74239
- BID-74240
- BID-74413
- BID-74700
- BID-74703
- BID-74902
- BID-74903
- BID-75056
- BID-75103
- BID-75244
- BID-75246
- BID-75249
- BID-75250
- BID-75251
- BID-75252
- BID-75255
- CVE-2014-9425
- CVE-2014-9705
- CVE-2014-9709
- CVE-2015-0232
- CVE-2015-0273
- CVE-2015-2301
- CVE-2015-2783
- CVE-2015-2787
- CVE-2015-3307
- CVE-2015-3329
- CVE-2015-3411
- CVE-2015-3412
- CVE-2015-4021
- CVE-2015-4148
- CVE-2015-4598
- CVE-2015-4599
- CVE-2015-4600
- CVE-2015-4601
- CVE-2015-4602
- CVE-2015-4603
- DEBIAN-DSA-3195
- DEBIAN-DSA-3198
- DEBIAN-DSA-3215
- DEBIAN-DSA-3280
- DEBIAN-DSA-3344
- DISA_SEVERITY-Category I
- DISA_VMSKEY-V0061337
- IAVM-2015-A-0199
- REDHAT-RHSA-2015:1053
- REDHAT-RHSA-2015:1066
- REDHAT-RHSA-2015:1135
- REDHAT-RHSA-2015:1186
- REDHAT-RHSA-2015:1187
- REDHAT-RHSA-2015:1218
- REDHAT-RHSA-2015:1219
- URL: http://oss.oracle.com/pipermail/el-errata/2015-July/005193.html
Solution
oracle-linux-upgrade-phpRelated Vulnerabilities
- DSA-3198-1 php5 -- security update
- Oracle Solaris 11: CVE-2015-2301: Vulnerability in PHP
- PHP Vulnerability: CVE-2015-2783
- Alpine Linux: CVE-2015-2301: php issues fixed in 5.6.6
- Alpine Linux: CVE-2015-0232: php multiple fixes
- USN-2501-1: PHP vulnerabilities
- RHSA-2015:1066: php54 security and bug fix update
- Alpine Linux: CVE-2015-4022: php multiple issues
- OS X update for apache (CVE-2015-3329)
- F5 Networks: K17061 (CVE-2015-4602): Multiple PHP vulnerabilities
- Gentoo Linux: CVE-2015-0273: PHP: Multiple vulnerabilities
- Gentoo Linux: CVE-2015-2301: PHP: Multiple vulnerabilities
- OS X update for apache_mod_php (CVE-2015-2787)
- Cent OS: CVE-2015-3411: CESA-2015:1218 (php)
- OS X update for apache_mod_php (CVE-2015-0232)
- Oracle Solaris 11: CVE-2015-4026: Vulnerability in PHP
- PHP Vulnerability: CVE-2015-4600
- SUSE: CVE-2015-4022: SUSE Linux Security Advisory
- PHP Vulnerability: CVE-2015-3307
- SUSE: CVE-2015-2301: SUSE Linux Security Advisory
- Cent OS: CVE-2015-4600: CESA-2015:1218 (php)
- OS X update for apache_mod_php (CVE-2015-3329)
- Gentoo Linux: CVE-2015-4147: PHP: Multiple vulnerabilities
- ELSA-2015-1053 Moderate: Oracle Linux Software Collections 1.2 for Oracle Linux php55 security and bug fix update
- PHP Vulnerability: CVE-2015-4147
- SUSE: CVE-2015-4603: SUSE Linux Security Advisory
- SUSE: CVE-2015-4599: SUSE Linux Security Advisory
- Gentoo Linux: CVE-2015-4148: PHP: Multiple vulnerabilities
- SUSE: CVE-2015-2783: SUSE Linux Security Advisory
- OS X update for apache_mod_php (CVE-2014-9705)
- HP System Management Homepage - HPSBMU03380 (CVE-2015-2787): Linux and Windows, Multiple Vulnerabilities
- F5 Networks: K16993 (CVE-2015-4026): PHP vulnerabilities CVE-2015-4025 and CVE-2015-4026
- Gentoo Linux: CVE-2015-0232: PHP: Multiple vulnerabilities
- Oracle Solaris 11: CVE-2015-0273: Vulnerability in PHP
- HP-UX: CVE-2015-2301: Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
- PHP Vulnerability: CVE-2015-4599
- SUSE: CVE-2015-3411: SUSE Linux Security Advisory
- SUSE: CVE-2015-0232: SUSE Linux Security Advisory
- HP-UX: CVE-2014-9709: Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
- SUSE: CVE-2015-3412: SUSE Linux Security Advisory
- DSA-3344-1 php5 -- security update
- OS X update for apache_mod_php (CVE-2014-9709)
- SUSE: CVE-2015-4601: SUSE Linux Security Advisory
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
- SUSE: CVE-2015-2787: SUSE Linux Security Advisory
- HP System Management Homepage - HPSBMU03380 (CVE-2014-9705): Linux and Windows, Multiple Vulnerabilities
- Amazon Linux AMI: Security patch for php54 (ALAS-2015-509) (multiple CVEs)
- HP System Management Homepage - HPSBMU03380 (CVE-2015-2301): Linux and Windows, Multiple Vulnerabilities
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 7
- PHP Vulnerability: CVE-2014-9705
- Amazon Linux AMI: Security patch for php55 (ALAS-2015-474) (multiple CVEs)
- Oracle Solaris 11: CVE-2015-2787: Vulnerability in PHP
- OS X update for apache_mod_php (CVE-2015-4148)
- Amazon Linux AMI: Security patch for php54 (ALAS-2015-475) (multiple CVEs)
- PHP Vulnerability: CVE-2015-4148
- OS X update for apache (CVE-2015-4147)
- PHP Vulnerability: CVE-2015-4598
- F5 Networks: K17028 (CVE-2015-3411): PHP vulnerabilities CVE-2015-3411 and CVE-2015-3412
- USN-2535-1: PHP vulnerabilities
- FreeBSD: php5 -- multiple vulnerabilities (Multiple CVEs)
- Gentoo Linux: CVE-2015-2783: PHP: Multiple vulnerabilities
- PHP Vulnerability: CVE-2015-4021
- OS X update for apache_mod_php (CVE-2015-2783)
- PHP Vulnerability: CVE-2014-9709
- Alpine Linux: CVE-2015-4021: php multiple issues
- HP System Management Homepage - HPSBMU03380 (CVE-2015-0232): Linux and Windows, Multiple Vulnerabilities
- OS X update for apache_mod_php (CVE-2015-4147)
- OS X update for apache (CVE-2015-2787)
- SUSE: CVE-2015-4026: SUSE Linux Security Advisory
- OS X update for apache (CVE-2015-4026)
- OS X update for apache_mod_php (CVE-2015-4021)
- OS X update for Admin Framework (CVE-2015-0273)
- OS X update for apache_mod_php (CVE-2015-0273)
- OS X update for apache_mod_php (CVE-2015-4024)
- Oracle Solaris 11: CVE-2015-4022: Vulnerability in PHP
- SUSE: CVE-2015-4148: SUSE Linux Security Advisory
- Cent OS: CVE-2015-4603: CESA-2015:1218 (php)
- RHSA-2015:1135: php security and bug fix update
- PHP Vulnerability: CVE-2015-2787
- F5 Networks: K17061 (CVE-2015-4603): Multiple PHP vulnerabilities
- PHP Vulnerability: CVE-2015-4026
- OS X update for apache_mod_php (CVE-2015-3307)
- OS X update for apache_mod_php (CVE-2015-4022)
- Ubuntu: USN-2987-1 (CVE-2014-9709): GD library vulnerabilities
- SUSE: CVE-2014-9705: SUSE Linux Security Advisory
- Oracle Solaris 11: CVE-2015-2783: Vulnerability in PHP
- Gentoo Linux: CVE-2015-2787: PHP: Multiple vulnerabilities
- OS X update for apache (CVE-2015-3307)
- Amazon Linux AMI: Security patch for php54 (ALAS-2015-493) (multiple CVEs)
- Oracle Solaris 11: CVE-2015-3329: Vulnerability in PHP
- PHP Vulnerability: CVE-2015-2301
- Alpine Linux: CVE-2015-4024: php multiple issues
- PHP Vulnerability: CVE-2015-4603
- RHSA-2015:1186: php55-php security update
- F5 Networks: K17061 (CVE-2015-4600): Multiple PHP vulnerabilities
- Amazon Linux AMI: Security patch for php54 (ALAS-2015-534) (multiple CVEs)
- OS X update for apache (CVE-2015-4148)
- ELSA-2015-1066 Important: Oracle Linux Software Collections 1.2 for Oracle Linux php54 security and bug fix update
- Oracle Solaris 11: CVE-2014-9705: Vulnerability in PHP
- Cent OS: CVE-2015-3412: CESA-2015:1218 (php)