QwikSec

Security Database

CVE

CWE

Training

CVE-2015-4022

Published: Jun 9, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

https://bugs.php.net/bug.php?id=69545

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

x_refsource_CONFIRM

openSUSE-SU-2015:0993

vendor-advisory

x_refsource_SUSE

http://php.net/ChangeLog-5.php

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

APPLE-SA-2015-08-13-2

vendor-advisory

x_refsource_APPLE

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

https://support.apple.com/kb/HT205031

x_refsource_CONFIRM

FEDORA-2015-8383

vendor-advisory

x_refsource_FEDORA

FEDORA-2015-8281

vendor-advisory

x_refsource_FEDORA

FEDORA-2015-8370

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_GENTOO

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.