Published: 16/05/2016 Updated: 05/01/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

PHP prior to 5.6.7 might allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.

Vulnerable Product Search on Vulmon Subscribe to Product

redhat enterprise linux desktop 7.0

redhat enterprise linux hpc node 7.0

redhat enterprise linux hpc node eus 7.1

redhat enterprise linux server 7.0

redhat enterprise linux server eus 7.1

redhat enterprise linux workstation 7.0

php php

Vendor Advisories

Multiple flaws were discovered in the way PHP's Soap extension performed object unserialization Specially crafted input processed by the unserialize() function could cause a PHP application to disclose portion of its memory or crash ...
Several security issues were fixed in PHP ...
Oracle Linux Bulletin - January 2016 Description The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin Oracle Linux Bulletins are published on the same day as Oracle Critical Patch Updates are relea ...