CVE-2015-6834

Published: 16/05/2016 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 760
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple use-after-free vulnerabilities in PHP prior to 5.4.45, 5.5.x prior to 5.5.29, and 5.6.x prior to 5.6.13 allow remote malicious users to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization.

Vulnerable Product

php php 5.6.1

php php 5.6.5

php php 5.5.19

php php 5.6.12

php php 5.5.25

php php 5.5.0

php php 5.5.16

php php 5.6.0

php php 5.5.1

php php 5.5.5

php php 5.6.4

php php 5.5.21

php php 5.6.6

php php 5.5.17

php php 5.5.14

php php 5.5.7

php php 5.6.11

php php 5.6.2

php php 5.6.10

php php 5.5.12

php php 5.5.6

php php 5.6.7

php php 5.5.3

php php 5.5.23

php php 5.5.8

php php 5.5.27

php php

php php 5.5.24

php php 5.5.15

php php 5.5.11

php php 5.5.13

php php 5.5.4

php php 5.5.28

php php 5.5.26

php php 5.6.9

php php 5.5.10

php php 5.6.3

php php 5.5.22

php php 5.6.8

php php 5.5.18

php php 5.5.20

php php 5.5.2

php php 5.5.9

Vendor Advisories

Several security issues were fixed in PHP ...
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to new upstream versions (5.4.45 and 5.6.13), which include additional bug fixes. Please refer to the upstream changelog for more information: php.net/ChangeLog-5 ...
A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code ...
A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language (XSL) transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT functions within XSL stylesheets (CVE-2015-6837, CVE ...
As reported upstream (bugs.php.net/bug.php?id=69720), a NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash (CVE-2015-7803). A flaw was discovered in the way PHP performed object unserialization. Specially crafted input pr ...

Exploits

Kerio Control Unified Threat Management versions prior to 9.1.3 suffer from unsafe usage of the PHP unserialize function, code execution, memory corruption, cross site scripting, and various other vulnerabilities ...
Yet Another Use After Free Vulnerability in unserialize() with SplDoublyLinkedList. Taoguang Chen <[@chtg](github.com/chtg)> - Write Date: 2015.8.27 - Release Date: 2015.9.4. A use-after-free vulnerability was discovered in unserialize() with SplDoublyLinkedList object's deserialization and crafted object's __wakeup() magic method that ...
Yet Another Use After Free Vulnerability in unserialize() with SplObjectStorage. Taoguang Chen <[@chtg](github.com/chtg)> - Write Date: 2015.8.27 - Release Date: 2015.9.4. A use-after-free vulnerability was discovered in unserialize() with SplObjectStorage object's deserialization and crafted object's __wakeup() magic method that can be ...