CVE-2015-8878 : main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does

main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory corruption) by leveraging an application that performs many temporary-file accesses.

Published 2016-05-22 01:59:10

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2015-8878

PHP » PHP
Versions from including (>=) 5.5.0 and before (<) 5.5.28
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Matching versions
PHP » PHP
Versions from including (>=) 5.6.0 and before (<) 5.6.12
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2015-8878

Top countries where our scanners detected CVE-2015-8878

Top open port discovered on systems with this issue 80

IPs affected by CVE-2015-8878 65,517

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2015-8878!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2015-8878

EPSS FAQ

0.77%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 71 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-8878

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.1	HIGH	AV:N/AC:M/Au:N/C:N/I:N/A:C	8.6	6.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
5.9	MEDIUM	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H	2.2	3.6	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2015-8878

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-8878

https://bugs.php.net/bug.php?id=70002

PHP :: Bug #70002 :: apache2 / php5ts crashes, sometimes reporting zend_mm_heap corrupted
Issue Tracking;Vendor Advisory
http://www.php.net/ChangeLog-5.php

PHP: PHP 5 ChangeLog
Vendor Advisory

CVEs referencing this url