Wind River Support Network

HomeDefectsLIN7-6293

Fixed

LIN7-6293 : Security Advisory - php - CVE-2015-4642

Created: May 31, 2016 Updated: Sep 8, 2018

Resolved Date: Jun 27, 2016

Found In Version: 7.0.0.15

Fix Version: 7.0.0.17

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the PHP system function.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4642

Other Downloads

Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2015-4642