Wind River Support Network

HomeDefectsLIN7-4027

Fixed

LIN7-4027 : Security Advisory - php - CVE-2015-4147

Created: Jun 15, 2015 Updated: Sep 8, 2018

Resolved Date: Jun 20, 2015

Found In Version: 7.0.0.6

Fix Version: 7.0.0.7

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a type confusion issue.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4147

Other Downloads

Wind River Linux 7.0.0.14
Wind River Linux 7.0.0.15
Wind River Linux 7.0.0.16
Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2015-4147