SUSE-SU-2015:1701-1

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2015-6836 CVE-2015-6837 CVE-2015-6838

Published: 17 Sept 2015, 12:16

Last modified:04 Feb 2026, 03:56

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

17 Sept 2015, 12:16

Published

Vulnerability first disclosed

04 Feb 2026, 03:56

Last Modified

Vulnerability information updated

Description

Security update for php5 The PHP5 script interpreter was updated to fix security issues: * CVE-2015-6836: A SOAP serialize_function_call() type confusion leading to remote code execution problem was fixed. [bnc#945428] * CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed. [bnc#945412]

Affected Systems

suse•php5&distro=SUSE Linux Enterprise Server 11 SP2-LTSS
< 5.2.14-0.7.30.72.1

References (6)

https://www.suse.com/support/update/announcement/2015/suse-su-20151701-1/
https://bugzilla.suse.com/945412
https://bugzilla.suse.com/945428
https://www.suse.com/security/cve/CVE-2015-6836
https://www.suse.com/security/cve/CVE-2015-6837
https://www.suse.com/security/cve/CVE-2015-6838