CVE-2015-4026

Published: Jun 9, 2015Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.

Affected (61)

Products: Redhat: Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Hpc Node Eus, Enterprise Linux Server, Enterprise Linux Server Eus, Enterprise Linux Workstation · Php: Php · Apple: Mac Os X

Redhat

7 products

Enterprise Linux

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Enterprise Linux Hpc Node Eus

Enterprise Linux Server

Enterprise Linux Server Eus

Enterprise Linux Workstation

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 6.0
Redhat Enterprise Linux	Version 7.0

Configuration B

52 vulnerable

Vulnerable Software	Affected Versions
Php Php	Up to 5.4.40
Php Php	Version 5.4.39
Php Php	Version 5.5.0
Php Php	Version 5.5.0 alpha1
Php Php	Version 5.5.0 alpha2
Php Php	Version 5.5.0 alpha3
Php Php	Version 5.5.0 alpha4
Php Php	Version 5.5.0 alpha5
Php Php	Version 5.5.0 alpha6
Php Php	Version 5.5.0 beta1
Php Php	Version 5.5.0 beta2
Php Php	Version 5.5.0 beta3
Php Php	Version 5.5.0 beta4
Php Php	Version 5.5.0 rc1
Php Php	Version 5.5.0 rc2
Php Php	Version 5.5.10
Php Php	Version 5.5.11
Php Php	Version 5.5.12
Php Php	Version 5.5.13
Php Php	Version 5.5.14
Php Php	Version 5.5.18
Php Php	Version 5.5.19
Php Php	Version 5.5.1
Php Php	Version 5.5.20
Php Php	Version 5.5.21
Php Php	Version 5.5.22
Php Php	Version 5.5.23
Php Php	Version 5.5.24
Php Php	Version 5.5.2
Php Php	Version 5.5.3
Php Php	Version 5.5.4
Php Php	Version 5.5.5
Php Php	Version 5.5.6
Php Php	Version 5.5.7
Php Php	Version 5.5.8
Php Php	Version 5.5.9
Php Php	Version 5.6.0 alpha1
Php Php	Version 5.6.0 alpha2
Php Php	Version 5.6.0 alpha3
Php Php	Version 5.6.0 alpha4
Php Php	Version 5.6.0 alpha5
Php Php	Version 5.6.0 beta1
Php Php	Version 5.6.0 beta2
Php Php	Version 5.6.0 beta3
Php Php	Version 5.6.0 beta4
Php Php	Version 5.6.2
Php Php	Version 5.6.3
Php Php	Version 5.6.4
Php Php	Version 5.6.5
Php Php	Version 5.6.6
Php Php	Version 5.6.7
Php Php	Version 5.6.8

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Up to 10.10.4

Configuration D

6 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Hpc Node	Version 7.0
Redhat Enterprise Linux Hpc Node Eus	Version 7.1
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Eus	Version 7.1
Redhat Enterprise Linux Workstation	Version 7.0