MGASA-2015-0169

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2015-2783 CVE-2015-3329 CVE-2015-3330

Published: 25 Apr 2015, 20:15

Last modified:16 Apr 2026, 06:23

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

25 Apr 2015, 20:15

Published

Vulnerability first disclosed

16 Apr 2026, 06:23

Last Modified

Vulnerability information updated

Description

Updated php packages fix security vulnerabilities Updated php packages fix security vulnerabilities: Buffer Over-read in unserialize when parsing Phar (CVE-2015-2783). Buffer Overflow when parsing tar/zip/phar in phar_set_inode (CVE-2015-3329). Potential remote code execution with apache 2.4 apache2handler (CVE-2015-3330). PHP has been updated to version 5.5.24, which fixes these issues and other bugs.

Affected Systems

mageia•php
< 5.5.24-1.mga4
mageia•php-apc
< 3.1.15-4.14.mga4
mageia•php-timezonedb
< 2015.3-1.mga4

MGASA-2015-0169

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)