Vulnerability Details : CVE-2015-7804
Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive.
Vulnerability category: Denial of service
Threat overview for CVE-2015-7804
Top countries where our scanners detected CVE-2015-7804
Top open port discovered on systems with this issue
80
IPs affected by CVE-2015-7804 142,894
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2015-7804!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2015-7804
Probability of exploitation activity in the next 30 days: 4.84%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 92 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-7804
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2015-7804
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-7804
-
http://git.php.net/?p=php-src.git;a=commit;h=1ddf72180a52d247db88ea42a3e35f824a8fbda1
208.43.231.11 Git - php-src.git/commit
-
https://bugs.php.net/bug.php?id=70433
PHP :: Sec Bug #70433 :: Uninitialized pointer in phar_make_dirstream when zip entry filename is "/"Vendor Advisory
-
http://www.debian.org/security/2015/dsa-3380
Debian -- Security Information -- DSA-3380-1 php5
-
http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html
openSUSE-SU-2016:0251-1: moderate: Security update for php5
-
http://www.openwall.com/lists/oss-security/2015/10/05/8
oss-security - CVE request: issues fixed in PHP 5.6.14 and 5.5.30
-
https://security.gentoo.org/glsa/201606-10
PHP: Multiple vulnerabilities (GLSA 201606-10) — Gentoo security
-
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720
The Slackware Linux Project: Slackware Security Advisories
-
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
Apple - Lists.apple.com
-
https://support.apple.com/HT205637
About the security content of OS X El Capitan 10.11.2, Security Update 2015-005 Yosemite, and Security Update 2015-008 Mavericks - Apple SupportVendor Advisory
-
http://www.php.net/ChangeLog-5.php
PHP: PHP 5 ChangeLog
-
http://www.ubuntu.com/usn/USN-2786-1
USN-2786-1: PHP vulnerabilities | Ubuntu security notices
-
http://www.securityfocus.com/bid/76959
PHP PHAR Multiple Denial of Service Vulnerabilities
Products affected by CVE-2015-7804
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*