Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2015-1351

Published: 30/03/2015 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Secure Backup

Vulnerability Summary

Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP up to and including 5.6.7 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle secure backup

apple mac os x

php php

oracle solaris 11.2

oracle linux 6

oracle linux 7

Vendor Advisories

Ubuntu Security Notice: php5 vulnerabilities
Several security issues were fixed in PHP ...
Debian CVElist Bug Report Logs: php5: CVE-2015-1351
Debian Bug report logs - #777033 php5: CVE-2015-1351 Package: php5; Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5 is src:php5 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Wed, 4 Feb 2015 08:51:01 UTC Severity: important Tags: s ...
Debian CVElist Bug Report Logs: php5: CVE-2015-1352
Debian Bug report logs - #777036 php5: CVE-2015-1352 Package: php5; Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5 is src:php5 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Wed, 4 Feb 2015 08:51:01 UTC Severity: important Tags: s ...
Amazon Linux AMI: ALAS-2015-510
A use-after-free flaw was found in PHP's OPcache extension This flaw could possibly lead to a disclosure of portion of server memory (CVE-2015-1351) A NULL pointer dereference flaw was found in PHP's pgsql extension A specially crafted table name passed to function as pg_insert() or pg_select() could cause a PHP application to crash (CVE-2015-1 ...
Amazon Linux AMI: ALAS-2015-511
A use-after-free flaw was found in PHP's OPcache extension This flaw could possibly lead to a disclosure of portion of server memory (CVE-2015-1351) A NULL pointer dereference flaw was found in PHP's pgsql extension A specially crafted table name passed to function as pg_insert() or pg_select() could cause a PHP application to crash (CVE-2015-1 ...
Red Hat: CVE-2015-1351
A use-after-free flaw was found in PHP's OPcache extension This flaw could possibly lead to a disclosure of a portion of the server memory ...

References

CWE-416https://bugs.php.net/bug.php?id=68677http://openwall.com/lists/oss-security/2015/01/24/9http://www.mandriva.com/security/advisories?name=MDVSA-2015:079https://support.apple.com/HT205267http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.htmlhttp://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlhttp://www.securityfocus.com/bid/71929https://security.gentoo.org/glsa/201606-10http://rhn.redhat.com/errata/RHSA-2015-1066.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1053.htmlhttp://git.php.net/?p=php-src.git%3Ba=commit%3Bh=777c39f4042327eac4b63c7ee87dc1c7a09a3115https://usn.ubuntu.com/2501-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2015-1351
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-codedCVE-2024-27202NULL pointer dereferenceCVE-2024-28075CVE-2024-33608CVE-2024-28889CVE-2024-34572template injectionCVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook