MGASA-2015-0258

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2015-4598 CVE-2015-4642 CVE-2015-4643 CVE-2015-4644

Published: 05 Jul 2015, 17:22

Last modified:16 Apr 2026, 06:24

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Jul 2015, 17:22

Published

Vulnerability first disclosed

16 Apr 2026, 06:24

Last Modified

Vulnerability information updated

Description

Updated php package fixes security vulnerability Incorrect handling of paths with NULs (CVE-2015-4598). OS command injection vulnerability in escapeshellarg (CVE-2015-4642). Integer overflow in ftp_genlist() resulting in heap overflow (CVE-2015-4643). Segfault in php_pgsql_meta_data (CVE-2015-4644). PHP has been updated to version 5.5.26, which fixes multiple bugs and potential security issues. Please see the upstream ChangeLog for details.

Affected Systems

mageia•php
< 5.5.26-1.mga4
mageia•php-apc
< 3.1.15-4.16.mga4

MGASA-2015-0258

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)