Search for vulnerabilities
Vulnerability details: VCID-r27c-71jx-aaar
Vulnerability ID VCID-r27c-71jx-aaar
Aliases CVE-2015-6835
Summary The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content.
Status Published
Exploitability 2.0
Weighted Severity 8.8
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-6835.html
generic_textual Medium http://php.net/ChangeLog-5.php
rhas Moderate https://access.redhat.com/errata/RHSA-2016:0457
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.09007 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.196 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.196 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.196 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.196 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.196 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.196 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.196 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.196 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.196 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.20127 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.20127 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.22 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.36123 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.3937 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
epss 0.62654 https://api.first.org/data/v1/epss?cve=CVE-2015-6835
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1260647
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6834
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2015-6835
cvssv3 9.8 https://nvd.nist.gov/vuln/detail/CVE-2015-6835
generic_textual Low https://ubuntu.com/security/notices/USN-2758-1
generic_textual Low http://www.openwall.com/lists/oss-security/2015/09/07/5
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-6835.html
http://php.net/ChangeLog-5.php
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6835.json
https://api.first.org/data/v1/epss?cve=CVE-2015-6835
https://bugs.php.net/bug.php?id=70219
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6834
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838
https://security.gentoo.org/glsa/201606-10
https://ubuntu.com/security/notices/USN-2758-1
http://www.debian.org/security/2015/dsa-3358
http://www.openwall.com/lists/oss-security/2015/09/07/5
http://www.securityfocus.com/bid/76734
http://www.securitytracker.com/id/1033548
1260647 https://bugzilla.redhat.com/show_bug.cgi?id=1260647
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.27:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.27:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.28:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
CVE-2015-6835 https://nvd.nist.gov/vuln/detail/CVE-2015-6835
CVE-2015-6835;OSVDB-126962 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/38123.txt
RHSA-2016:0457 https://access.redhat.com/errata/RHSA-2016:0457
USN-2758-1 https://usn.ubuntu.com/2758-1/
Data source Exploit-DB
Date added Sept. 9, 2015
Description PHP Session Deserializer - Use-After-Free
Ransomware campaign use Known
Source publication date Sept. 9, 2015
Exploit type dos
Platform php
Source update date Sept. 9, 2015
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2015-6835
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2015-6835
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.94793
EPSS Score 0.09007
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.