Vulnerability Change Records for CVE-2015-4601

Change History

CVE Modified by Red Hat, Inc. 9/21/2017 9:29:18 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1032709 [No Types Assigned]

Modified Analysis 5/17/2016 12:54:13 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:* (and previous)
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NVD-CWE-Other
Added Evaluator Description

								
							
							
						
<a href="http://cwe.mitre.org/data/definitions/843.html">Access of Resource Using Incompatible Type ('Type Confusion')</a>

CVE Modified by Red Hat, Inc. 11/28/2016 2:29:17 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/75246 [No Types Assigned]

CVE Modified by Source 6/16/2016 10:3:38 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2015-1135.html

CVE Modified by Red Hat, Inc. 1/04/2018 9:30:08 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2015-1218.html [No Types Assigned]

CVE Translated 5/18/2016 6:45:05 AM

Action Type Old Value New Value
Added Translation

								
							
							
						
PHP en versiones anteriores a 5.6.7 podría permitir a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecuar código arbitrario a través de un tipo de dato no esperado, relacionado con casos "type confusion" en (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c y (3) ext/soap/soap.c, un caso diferente a CVE-2015-4600.
Removed Translation
PHP en versiones anteriores a 5.6.7 podría permitir a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecuar código arbitrario a través de un tipo de dato no esperado, relacionado con casos "confusión de tipo" en (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c y (3) ext/soap/soap.c, un caso diferente a CVE-2015-4600.

								
						

CVE Modified by Source 10/11/2016 10:0:47 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Initial CVE Analysis 5/16/2016 3:14:11 PM

Action Type Old Value New Value