VuXML: php -- multiple vulnerabilities

VuXML ID	3d675519-5654-11e5-9ad8-14dae9d210b8
Discovery	2015-09-03
Entry	2015-09-08
Modified	2015-09-08

PHP reports:

Core:

Fixed bug #70172 (Use After Free Vulnerability in unserialize()).

Fixed bug #70219 (Use after free vulnerability in session deserializer).

EXIF:

Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes).

hash:

Fixed bug #70312 (HAVAL gives wrong hashes in specific cases).

PCRE:

Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).

SOAP:

Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE).

SPL:

Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectStorage).

Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLinkedList).

XSLT:

Fixed bug #69782 (NULL pointer dereference).

ZIP:

Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when creating directories).

[source]

CVE Name	CVE-2015-6834
CVE Name	CVE-2015-6835
CVE Name	CVE-2015-6836
CVE Name	CVE-2015-6837
CVE Name	CVE-2015-6838
URL	http://php.net/ChangeLog-5.php#5.4.45
URL	http://php.net/ChangeLog-5.php#5.5.29
URL	http://php.net/ChangeLog-5.php#5.6.13

php -- multiple vulnerabilities

Details

References