Date: Tue, 31 Mar 2015 09:32:25 +0300
From: Lior Kaplan <kaplanlior@...il.com>
To: Tyler Hicks <tyhicks@...onical.com>
Cc: oss-security@...ts.openwall.com, "security@....net" <security@....net>
Subject: Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize()

On Tue, Mar 31, 2015 at 1:49 AM, Tyler Hicks <tyhicks@...onical.com> wrote:
> On 2015-03-30 23:42:01, Tomas Hoger wrote:
> > On Fri, 20 Mar 2015 20:35:59 +0100 Andrea Palazzo wrote:
> >
> > > I'd like to request a CVE for the PHP Sec Bug #69085.
> > >
> > > Description:
> > > SoapClient's __call() method is prone to a type confusion
> > > vulnerability which can be used to gain remote code execution through
> > > unsafe unserialize() calls.
> > >
> > > Info:
> > > https://bugs.php.net/bug.php?id=69085
> >
> > There is another unserialize issue fixed in 5.6.7, 5.5.23 and 5.4.39
> > and currently listed on PHP 5 Changelog page:
> >
> > http://php.net/ChangeLog-5.php
> >
> > Fixed bug #68976 (Use After Free Vulnerability in unserialize()).
> > (CVE-2015-0231)
> > https://bugs.php.net/68976
>
> I believe that the ChangeLog-5.php page contains a typo since NVD claims
> that CVE-2015-2787 corresponds to PHP bug #68976:
>
> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2787
>
> We weren't aware of this CVE assignment...

Thanks. The bug & changelog updated.

Kaplan