Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-5589
Description:The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call.
Test IDs: 1.3.6.1.4.1.25623.1.0.703344  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-5589
BugTraq ID: 75974
http://www.securityfocus.com/bid/75974
Debian Security Information: DSA-3344 (Google Search)
http://www.debian.org/security/2015/dsa-3344
http://openwall.com/lists/oss-security/2015/07/18/1




© 1998-2024 E-Soft Inc. All rights reserved.