CVE-2015-4024
Description
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
75.519
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update HP System Management Homepage Detection (x64) 7.5.3.1 to latest version | Windows |
| Update HP System Management Homepage Detection 7.5.3.1 to latest version | Windows |
| Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 Update | Mac |
| Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 Combo Update | Mac |
| HTML-embedded scripting language interpreter (USN-2658-1) php5-cgi_5.6.4+dfsg-4ubuntu6.4_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-2658-1) php5-cgi_5.6.4+dfsg-4ubuntu6.4_amd64.deb | Linux |
| HTML-embedded scripting language interpreter (USN-2658-1) php5-cli_5.6.4+dfsg-4ubuntu6.4_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-2658-1) php5-cli_5.6.4+dfsg-4ubuntu6.4_amd64.deb | Linux |
| HTML-embedded scripting language interpreter (USN-2658-1) php5-fpm_5.6.4+dfsg-4ubuntu6.4_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-2658-1) php5-fpm_5.6.4+dfsg-4ubuntu6.4_amd64.deb | Linux |
| HTML-embedded scripting language interpreter (USN-2658-1) libapache2-mod-php5_5.6.4+dfsg-4ubuntu6.4_i386.deb | Linux |
| HTML-embedded scripting language interpreter (USN-2658-1) libapache2-mod-php5_5.6.4+dfsg-4ubuntu6.4_amd64.deb | Linux |
| Php55-php update (ELSA-2015-1186) php55-php-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-bcmath update (ELSA-2015-1186) php55-php-bcmath-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-cli update (ELSA-2015-1186) php55-php-cli-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-common update (ELSA-2015-1186) php55-php-common-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-dba update (ELSA-2015-1186) php55-php-dba-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-devel update (ELSA-2015-1186) php55-php-devel-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-enchant update (ELSA-2015-1186) php55-php-enchant-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-fpm update (ELSA-2015-1186) php55-php-fpm-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-gd update (ELSA-2015-1186) php55-php-gd-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-gmp update (ELSA-2015-1186) php55-php-gmp-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-intl update (ELSA-2015-1186) php55-php-intl-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-ldap update (ELSA-2015-1186) php55-php-ldap-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-mbstring update (ELSA-2015-1186) php55-php-mbstring-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-mysqlnd update (ELSA-2015-1186) php55-php-mysqlnd-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-odbc update (ELSA-2015-1186) php55-php-odbc-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-opcache update (ELSA-2015-1186) php55-php-opcache-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-pdo update (ELSA-2015-1186) php55-php-pdo-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-pgsql update (ELSA-2015-1186) php55-php-pgsql-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-process update (ELSA-2015-1186) php55-php-process-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-pspell update (ELSA-2015-1186) php55-php-pspell-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-recode update (ELSA-2015-1186) php55-php-recode-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-snmp update (ELSA-2015-1186) php55-php-snmp-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-soap update (ELSA-2015-1186) php55-php-soap-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-xml update (ELSA-2015-1186) php55-php-xml-5.5.21-4.el7.x86_64.rpm | Linux |
| Php55-php-xmlrpc update (ELSA-2015-1186) php55-php-xmlrpc-5.5.21-4.el7.x86_64.rpm | Linux |
| Php54-php update (ELSA-2015-1219) php54-php-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-bcmath update (ELSA-2015-1219) php54-php-bcmath-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-cli update (ELSA-2015-1219) php54-php-cli-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-common update (ELSA-2015-1219) php54-php-common-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-dba update (ELSA-2015-1219) php54-php-dba-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-devel update (ELSA-2015-1219) php54-php-devel-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-enchant update (ELSA-2015-1219) php54-php-enchant-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-fpm update (ELSA-2015-1219) php54-php-fpm-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-gd update (ELSA-2015-1219) php54-php-gd-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-imap update (ELSA-2015-1219) php54-php-imap-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-intl update (ELSA-2015-1219) php54-php-intl-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-ldap update (ELSA-2015-1219) php54-php-ldap-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-mbstring update (ELSA-2015-1219) php54-php-mbstring-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-mysqlnd update (ELSA-2015-1219) php54-php-mysqlnd-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-odbc update (ELSA-2015-1219) php54-php-odbc-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-pdo update (ELSA-2015-1219) php54-php-pdo-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-pgsql update (ELSA-2015-1219) php54-php-pgsql-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-process update (ELSA-2015-1219) php54-php-process-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-pspell update (ELSA-2015-1219) php54-php-pspell-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-recode update (ELSA-2015-1219) php54-php-recode-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-snmp update (ELSA-2015-1219) php54-php-snmp-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-soap update (ELSA-2015-1219) php54-php-soap-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-tidy update (ELSA-2015-1219) php54-php-tidy-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-xml update (ELSA-2015-1219) php54-php-xml-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php-xmlrpc update (ELSA-2015-1219) php54-php-xmlrpc-5.4.40-3.el6.x86_64.rpm | Linux |
| Php54-php update (ELSA-2015-1219) php54-php-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-bcmath update (ELSA-2015-1219) php54-php-bcmath-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-cli update (ELSA-2015-1219) php54-php-cli-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-common update (ELSA-2015-1219) php54-php-common-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-dba update (ELSA-2015-1219) php54-php-dba-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-devel update (ELSA-2015-1219) php54-php-devel-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-enchant update (ELSA-2015-1219) php54-php-enchant-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-fpm update (ELSA-2015-1219) php54-php-fpm-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-gd update (ELSA-2015-1219) php54-php-gd-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-intl update (ELSA-2015-1219) php54-php-intl-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-ldap update (ELSA-2015-1219) php54-php-ldap-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-mbstring update (ELSA-2015-1219) php54-php-mbstring-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-mysqlnd update (ELSA-2015-1219) php54-php-mysqlnd-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-odbc update (ELSA-2015-1219) php54-php-odbc-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-pdo update (ELSA-2015-1219) php54-php-pdo-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-pgsql update (ELSA-2015-1219) php54-php-pgsql-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-process update (ELSA-2015-1219) php54-php-process-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-pspell update (ELSA-2015-1219) php54-php-pspell-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-recode update (ELSA-2015-1219) php54-php-recode-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-snmp update (ELSA-2015-1219) php54-php-snmp-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-soap update (ELSA-2015-1219) php54-php-soap-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-xml update (ELSA-2015-1219) php54-php-xml-5.4.40-3.el7.x86_64.rpm | Linux |
| Php54-php-xmlrpc update (ELSA-2015-1219) php54-php-xmlrpc-5.4.40-3.el7.x86_64.rpm | Linux |
| Update HP System Management Homepage Detection 7.5.3.1 to latest version (For Ubuntu) | Linux |
| Update HP System Management Homepage Detection 7.5.3.1 to latest version (For Debian) | Linux |
| Update HP System Management Homepage Detection 7.5.3.1 to latest version (For Centos) | Linux |
| Update HP System Management Homepage Detection 7.5.3.1 to latest version (For RedHat) | Linux |
| Update HP System Management Homepage Detection 7.5.3.1 to latest version (For Suse) | Linux |
| Multiple Vulnerabilities affected in system_management_homepage 7.5.3.1 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.2.0 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.1.0.102 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.1.0-103 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.0.0.96 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.0.0-95 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.12-200 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.12-118 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.11-197 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.11 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.10-186 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.9-178 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.8-177 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.7.168 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.6.156 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.5.146-b | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.5.146 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.4.143 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.4-143 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.2.127 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.0.121 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.0.2.106 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.0.1.104 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 7.2.1 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 7.2 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.2.6 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.11.197-a | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.10.186-c | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.10.186-b | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.10.186 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.10 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.8.179 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 7.1 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 7.0 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.3.1 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.3.0 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.2.8 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.15.210 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.15-210 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.15 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.14.20 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.14 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.12.201 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.0.64 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.0-68 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.0 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.2.77-b | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.2.77 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.2-77 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.2 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.1.73 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.1-73 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.0.1 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.4 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.3.132 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.1 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 7.4.0 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.2.2.7 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.1 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 6.0 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.2.7 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 3.2.2 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.9 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.8 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.7-168 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.7 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.6-156 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.6 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.5-146 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.5 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.3 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.2-127 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.2 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.0-118 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.0-109 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.0-103(a) | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1.0-103 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.1 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.0.2 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.0.1 | NCM |
| Multiple Vulnerabilities affected in system_management_homepage 2.0.0 | NCM |
| CVE-2015-4024 | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-600354 | OS X Yosemite 10.10.5 Update |
| PATCH-600458 | OS X Yosemite 10.10.5 Combo Update |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234