Search for vulnerabilities
Vulnerability details: VCID-mwev-5h1b-aaaj
Vulnerability ID VCID-mwev-5h1b-aaaj
Aliases CVE-2015-7803
Summary CVE-2015-7803 php: NULL pointer dereference in phar_get_fp_offset()
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-476 NULL Pointer Dereference
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7803.html
rhas Moderate https://access.redhat.com/errata/RHSA-2016:0457
epss 0.04805 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.04805 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.04805 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.04805 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.05461 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.05461 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.06648 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.09832 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.14212 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.14212 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.14212 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.16099 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.16099 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.17176 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.22702 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
epss 0.25607 https://api.first.org/data/v1/epss?cve=CVE-2015-7803
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1271081
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7803
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7804
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2015-7803
generic_textual Low https://ubuntu.com/security/notices/USN-2786-1
generic_textual Low http://www.php.net/ChangeLog-5.php
Reference id Reference type URL
http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=d698f0ae51f67c9cce870b09c59df3d6ba959244
http://git.php.net/?p=php-src.git;a=commit;h=d698f0ae51f67c9cce870b09c59df3d6ba959244
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html
http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7803.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7803.json
https://api.first.org/data/v1/epss?cve=CVE-2015-7803
https://bugs.php.net/bug.php?id=69720
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7803
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7804
https://security.gentoo.org/glsa/201606-10
https://support.apple.com/HT205637
https://ubuntu.com/security/notices/USN-2786-1
http://www.debian.org/security/2015/dsa-3380
http://www.openwall.com/lists/oss-security/2015/10/05/8
http://www.php.net/ChangeLog-5.php
http://www.securityfocus.com/bid/76959
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720
http://www.ubuntu.com/usn/USN-2786-1
1271081 https://bugzilla.redhat.com/show_bug.cgi?id=1271081
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
CVE-2015-7803 https://nvd.nist.gov/vuln/detail/CVE-2015-7803
RHSA-2016:0457 https://access.redhat.com/errata/RHSA-2016:0457
USN-2786-1 https://usn.ubuntu.com/2786-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2015-7803
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.92609
EPSS Score 0.04805
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.