CVE-2015-2783

Published: Jun 9, 2015Modified: May 6, 2026

5.8

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:P

Exploitability: 8.6 / Impact: 4.9

Source: NVD

Description

ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.

Affected (58)

Products: Php: Php · Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Hpc Node Eus, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation, Enterprise Linux · Apple: Mac Os X

1 product

7 products

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Enterprise Linux Hpc Node Eus

Enterprise Linux Server

Enterprise Linux Server Eus

Enterprise Linux Workstation

Enterprise Linux

1 product

Configuration A

49 vulnerable

Vulnerable Software	Affected Versions
Php Php	Up to 5.4.39
Php Php	Version 5.5.0
Php Php	Version 5.5.0 alpha1
Php Php	Version 5.5.0 alpha2
Php Php	Version 5.5.0 alpha3
Php Php	Version 5.5.0 alpha4
Php Php	Version 5.5.0 alpha5
Php Php	Version 5.5.0 alpha6
Php Php	Version 5.5.0 beta1
Php Php	Version 5.5.0 beta2
Php Php	Version 5.5.0 beta3
Php Php	Version 5.5.0 beta4
Php Php	Version 5.5.0 rc1
Php Php	Version 5.5.0 rc2
Php Php	Version 5.5.10
Php Php	Version 5.5.11
Php Php	Version 5.5.12
Php Php	Version 5.5.13
Php Php	Version 5.5.14
Php Php	Version 5.5.18
Php Php	Version 5.5.19
Php Php	Version 5.5.1
Php Php	Version 5.5.20
Php Php	Version 5.5.21
Php Php	Version 5.5.22
Php Php	Version 5.5.23
Php Php	Version 5.5.2
Php Php	Version 5.5.3
Php Php	Version 5.5.4
Php Php	Version 5.5.5
Php Php	Version 5.5.6
Php Php	Version 5.5.7
Php Php	Version 5.5.8
Php Php	Version 5.5.9
Php Php	Version 5.6.0 alpha1
Php Php	Version 5.6.0 alpha2
Php Php	Version 5.6.0 alpha3
Php Php	Version 5.6.0 alpha4
Php Php	Version 5.6.0 alpha5
Php Php	Version 5.6.0 beta1
Php Php	Version 5.6.0 beta2
Php Php	Version 5.6.0 beta3
Php Php	Version 5.6.0 beta4
Php Php	Version 5.6.2
Php Php	Version 5.6.3
Php Php	Version 5.6.4
Php Php	Version 5.6.5
Php Php	Version 5.6.6
Php Php	Version 5.6.7

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Hpc Node	Version 7.0
Redhat Enterprise Linux Hpc Node Eus	Version 7.1
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Eus	Version 7.1
Redhat Enterprise Linux Workstation	Version 7.0

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 6.0
Redhat Enterprise Linux	Version 7.0

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Up to 10.10.5

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (42)

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=143403519711434&w=2

Source: cve@mitre.org

http://php.net/ChangeLog-5.php

Source: cve@mitre.org

Patch

http://rhn.redhat.com/errata/RHSA-2015-1066.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2015-1135.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2015-1186.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2015-1187.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2015-1218.html

Source: cve@mitre.org

http://www.debian.org/security/2015/dsa-3280

Source: cve@mitre.org

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

Source: cve@mitre.org

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/74239

Source: cve@mitre.org

http://www.securitytracker.com/id/1032146

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-2572-1

Source: cve@mitre.org

https://bugs.php.net/bug.php?id=69324

Source: cve@mitre.org

Exploit

https://security.gentoo.org/glsa/201606-10

Source: cve@mitre.org

https://support.apple.com/HT205267

Source: cve@mitre.org

https://support.apple.com/kb/HT205031

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=143403519711434&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://php.net/ChangeLog-5.php

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://rhn.redhat.com/errata/RHSA-2015-1066.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2015-1135.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2015-1186.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2015-1187.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2015-1218.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2015/dsa-3280

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/74239

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1032146

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-2572-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugs.php.net/bug.php?id=69324

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://security.gentoo.org/glsa/201606-10

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/HT205267

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT205031

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.