René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00


{
"id": "CVE-2015-6831",
"sourceIdentifier": "meissner@suse.de",
"published": "2016-01-19T05:59:02.637",
"lastModified": "2022-08-05T14:28:44.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de uso despu\u00e9s de liberaci\u00f3n de memoria en SPL en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 permiten a atacantes remotos ejecutar c\u00f3digo arbitrario involucrando vectores (1) ArrayObject, (2) SplObjectStorage y (3) SplDoublyLinkedList, los cuales no son manejados adecuadamente durante la deserializaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.44",
"matchCriteriaId": "A03A31A6-4CAC-4229-A1E4-FDC785765646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5.0",
"versionEndExcluding": "5.5.28",
"matchCriteriaId": "B9C0D35D-0789-471F-9252-FB4233D7E1F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6.0",
"versionEndExcluding": "5.6.12",
"matchCriteriaId": "C946BEC6-918B-4C3F-9D2C-5FE90F693A2E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
}
]
}
]
}
],
"references": [
{
"url": "http://www.debian.org/security/2015/dsa-3344",
"source": "meissner@suse.de",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/08/19/3",
"source": "meissner@suse.de",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.php.net/ChangeLog-5.php",
"source": "meissner@suse.de",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/76737",
"source": "meissner@suse.de",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugs.php.net/bug.php?id=70155",
"source": "meissner@suse.de",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://bugs.php.net/bug.php?id=70166",
"source": "meissner@suse.de",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://bugs.php.net/bug.php?id=70168",
"source": "meissner@suse.de",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://bugs.php.net/bug.php?id=70169",
"source": "meissner@suse.de",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/201606-10",
"source": "meissner@suse.de",
"tags": [
"Third Party Advisory"
]
}
]
}