← Back

CVE-2015-4599

nvd nist
Published: May 16, 2016Modified: May 6, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.

Affected (39)

Php
1 product
Php
Redhat
6 products
Enterprise Linux Desktop
Enterprise Linux Hpc Node
Enterprise Linux Hpc Node Eus
Enterprise Linux Server
Enterprise Linux Server Eus
Enterprise Linux Workstation
Configuration A
33 vulnerable
Vulnerable SoftwareAffected Versions
Php
Php
Up to 5.4.39
Php
Version 5.5.0
Php
Version 5.5.10
Php
Version 5.5.11
Php
Version 5.5.12
Php
Version 5.5.13
Php
Version 5.5.14
Php
Version 5.5.15
Php
Version 5.5.16
Php
Version 5.5.17
Php
Version 5.5.18
Php
Version 5.5.19
Php
Version 5.5.1
Php
Version 5.5.20
Php
Version 5.5.21
Php
Version 5.5.22
Php
Version 5.5.23
Php
Version 5.5.2
Php
Version 5.5.3
Php
Version 5.5.4
Php
Version 5.5.5
Php
Version 5.5.6
Php
Version 5.5.7
Php
Version 5.5.8
Php
Version 5.5.9
Php
Version 5.6.0
Php
Version 5.6.1
Php
Version 5.6.2
Php
Version 5.6.3
Php
Version 5.6.4
Php
Version 5.6.5
Php
Version 5.6.6
Php
Version 5.6.7
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux Desktop
Version 7.0
Enterprise Linux Hpc Node
Version 7.0
Enterprise Linux Hpc Node Eus
Version 7.1
Enterprise Linux Server
Version 7.0
Enterprise Linux Server Eus
Version 7.1
Enterprise Linux Workstation
Version 7.0

References (18)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit

Timeline

No history available yet.