QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2015-0273

Back to search

CVE-2015-0273

Published: Mar 30, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function.

VendorProductVersions

n/a

n/a

affected
n/a

References

DSA-3195
vendor-advisory
x_refsource_DEBIAN
APPLE-SA-2015-10-21-4
vendor-advisory
x_refsource_APPLE
USN-2535-1
vendor-advisory
x_refsource_UBUNTU
HPSBMU03409
vendor-advisory
x_refsource_HP
APPLE-SA-2015-09-30-3
vendor-advisory
x_refsource_APPLE
HPSBMU03380
vendor-advisory
x_refsource_HP
MDVSA-2015:079
vendor-advisory
x_refsource_MANDRIVA
APPLE-SA-2015-06-30-2
vendor-advisory
x_refsource_APPLE
openSUSE-SU-2015:0440
vendor-advisory
x_refsource_SUSE
SSRT102066
vendor-advisory
x_refsource_HP
SUSE-SU-2015:0436
vendor-advisory
x_refsource_SUSE
1031945
vdb-entry
x_refsource_SECTRACK
72701
vdb-entry
x_refsource_BID
SUSE-SU-2015:0424
vendor-advisory
x_refsource_SUSE
RHSA-2015:1135
vendor-advisory
x_refsource_REDHAT
RHSA-2015:1053
vendor-advisory
x_refsource_REDHAT
HPSBUX03337
vendor-advisory
x_refsource_HP
GLSA-201606-10
vendor-advisory
x_refsource_GENTOO
RHSA-2015:1066
vendor-advisory
x_refsource_REDHAT
RHSA-2015:1218
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now