ELSA-2015-1218 Moderate: Oracle Linux php security update

Back to Search

ELSA-2015-1218 Moderate: Oracle Linux php security update

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

06/09/2015

Created

07/25/2018

Added

07/10/2015

Modified

04/11/2019

Description

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

Solution(s)

oracle-linux-upgrade-php
oracle-linux-upgrade-php-bcmath
oracle-linux-upgrade-php-cli
oracle-linux-upgrade-php-common
oracle-linux-upgrade-php-dba
oracle-linux-upgrade-php-devel
oracle-linux-upgrade-php-embedded
oracle-linux-upgrade-php-enchant
oracle-linux-upgrade-php-fpm
oracle-linux-upgrade-php-gd
oracle-linux-upgrade-php-imap
oracle-linux-upgrade-php-intl
oracle-linux-upgrade-php-ldap
oracle-linux-upgrade-php-mbstring
oracle-linux-upgrade-php-mysql
oracle-linux-upgrade-php-odbc
oracle-linux-upgrade-php-pdo
oracle-linux-upgrade-php-pgsql
oracle-linux-upgrade-php-process
oracle-linux-upgrade-php-pspell
oracle-linux-upgrade-php-recode
oracle-linux-upgrade-php-snmp
oracle-linux-upgrade-php-soap
oracle-linux-upgrade-php-tidy
oracle-linux-upgrade-php-xml
oracle-linux-upgrade-php-xmlrpc
oracle-linux-upgrade-php-zts

Related Vulnerabilities

APPLE-SA-2015-06-30-2
APPLE-SA-2015-08-13-2
APPLE-SA-2015-09-30-3
APPLE-SA-2015-10-21-4
71800
72541
72701
73031
73037
73306
73357
73431
74239
74240
74413
74700
74703
74902
74903
75056
75103
75244
75246
75249
75250
75251
75252
75255
CVE - 2014-9425
CVE - 2014-9705
CVE - 2014-9709
CVE - 2015-0232
CVE - 2015-0273
CVE - 2015-2301
CVE - 2015-2783
CVE - 2015-2787
CVE - 2015-3307
CVE - 2015-3329
CVE - 2015-3411
CVE - 2015-3412
CVE - 2015-4021
CVE - 2015-4022
CVE - 2015-4024
CVE - 2015-4026
CVE - 2015-4147
CVE - 2015-4148
CVE - 2015-4598
CVE - 2015-4599
CVE - 2015-4600
CVE - 2015-4601
CVE - 2015-4602
CVE - 2015-4603
DSA-3195
DSA-3198
DSA-3215
DSA-3280
DSA-3344
Category I
V0061337
2015-A-0199
RHSA-2015:1053
RHSA-2015:1066
RHSA-2015:1135
RHSA-2015:1186
RHSA-2015:1187
RHSA-2015:1218
RHSA-2015:1219
http://oss.oracle.com/pipermail/el-errata/2015-July/005193.html

References

oracle-linux-upgrade-php
oracle-linux-upgrade-php-bcmath
oracle-linux-upgrade-php-cli
oracle-linux-upgrade-php-common
oracle-linux-upgrade-php-dba
oracle-linux-upgrade-php-devel
oracle-linux-upgrade-php-embedded
oracle-linux-upgrade-php-enchant
oracle-linux-upgrade-php-fpm
oracle-linux-upgrade-php-gd
oracle-linux-upgrade-php-imap
oracle-linux-upgrade-php-intl
oracle-linux-upgrade-php-ldap
oracle-linux-upgrade-php-mbstring
oracle-linux-upgrade-php-mysql
oracle-linux-upgrade-php-odbc
oracle-linux-upgrade-php-pdo
oracle-linux-upgrade-php-pgsql
oracle-linux-upgrade-php-process
oracle-linux-upgrade-php-pspell
oracle-linux-upgrade-php-recode
oracle-linux-upgrade-php-snmp
oracle-linux-upgrade-php-soap
oracle-linux-upgrade-php-tidy
oracle-linux-upgrade-php-xml
oracle-linux-upgrade-php-xmlrpc
oracle-linux-upgrade-php-zts

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

ELSA-2015-1218 Moderate: Oracle Linux php security update