935276 – (CVE-2015-4642) VUL-0: CVE-2015-4642: php5,php53: OS command injection vulnerability in escapeshellarg

Bug 935276 (CVE-2015-4642) - VUL-0: CVE-2015-4642: php5,php53: OS command injection vulnerability in escapeshellarg

Summary: VUL-0: CVE-2015-4642: php5,php53: OS command injection vulnerability in escap...

Status:	RESOLVED INVALID

Alias:	CVE-2015-4642

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Petr Gajdos
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/117851/
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2015-06-18 14:40 UTC by Marcus Meissner
Modified:	2015-06-22 07:57 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2015-06-18 14:40:11 UTC

CVE-2015-4642

http://seclists.org/oss-sec/2015/q2/752

    Fixed bug #69646 (OS command injection vulnerability in escapeshellarg).
    https://bugs.php.net/bug.php?id=69646
    http://git.php.net/?p=php-src.git;a=commitdiff;h=d2ac264ffea5ca2e85640b6736e0c7cd4ee9a4a9
    (Windows specific)

Comment 1 Swamp Workflow Management 2015-06-18 22:01:37 UTC

bugbot adjusting priority

Comment 2 Petr Gajdos 2015-06-22 07:57:14 UTC

This bug seems to be

(In reply to Marcus Meissner from comment #0)
>     (Windows specific)