Search for vulnerabilities
Vulnerability details: VCID-bc7f-sn66-aaas
Vulnerability ID VCID-bc7f-sn66-aaas
Aliases CVE-2015-5589
Summary The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-20 Improper Input Validation
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5589.html
generic_textual Medium http://php.net/ChangeLog-5.php
rhas Moderate https://access.redhat.com/errata/RHSA-2016:0457
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.02032 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.09371 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.10384 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
epss 0.12691 https://api.first.org/data/v1/epss?cve=CVE-2015-5589
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1245236
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4598
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5589
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5590
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6831
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6832
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6833
generic_textual Medium http://seclists.org/oss-sec/2015/q3/141
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2015-5589
cvssv3 9.8 https://nvd.nist.gov/vuln/detail/CVE-2015-5589
generic_textual Low https://ubuntu.com/security/notices/USN-2758-1
Reference id Reference type URL
http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=bf58162ddf970f63502837f366930e44d6a992cf
http://git.php.net/?p=php-src.git;a=commit;h=bf58162ddf970f63502837f366930e44d6a992cf
http://openwall.com/lists/oss-security/2015/07/18/1
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5589.html
http://php.net/ChangeLog-5.php
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5589.json
https://api.first.org/data/v1/epss?cve=CVE-2015-5589
https://bugs.php.net/bug.php?id=69958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4598
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5589
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5590
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6831
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6832
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6833
http://seclists.org/oss-sec/2015/q3/141
https://ubuntu.com/security/notices/USN-2758-1
http://www.debian.org/security/2015/dsa-3344
http://www.securityfocus.com/bid/75974
1245236 https://bugzilla.redhat.com/show_bug.cgi?id=1245236
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
CVE-2015-5589 https://nvd.nist.gov/vuln/detail/CVE-2015-5589
RHSA-2016:0457 https://access.redhat.com/errata/RHSA-2016:0457
USN-2758-1 https://usn.ubuntu.com/2758-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2015-5589
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2015-5589
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.89287
EPSS Score 0.02032
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.