CVE-2015-8980

The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.
References
Link Resource
http://www.securityfocus.com/bid/95754 Third Party Advisory VDB Entry
https://launchpad.net/php-gettext/trunk/1.0.12 Release Notes Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1367462 Issue Tracking Third Party Advisory
https://lwn.net/Alerts/708838/ Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2016/Aug/76 Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/01/18/4 Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2017-02/msg00015.html Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:php-gettext_project:php-gettext:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*

Information

Published : 2019-11-04 13:15

Updated : 2019-11-06 06:30


NVD link : CVE-2015-8980

Mitre link : CVE-2015-8980


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

fedoraproject

  • fedora

php-gettext_project

  • php-gettext

redhat

  • enterprise_linux

opensuse

  • leap