Security Bulletin
Summary
The IBM Tealeaf Customer Experience PCA Web UI uses a version of PHP with reported security issues.
Vulnerability Details
CVEID: CVE-2015-0273
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error in unserialize() with DateTimeZone. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101192 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVEID: CVE-2015-2783
DESCRIPTION: PHP could allow a remote attacker to obtain sensitive information, caused by a buffer over-read in the unserialize function. By persuading a victim to open a specially-crafted phar file, an attacker could exploit this vulnerability to leak memory on the system.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/102411 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVEID: CVE-2015-2787
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an use-after-free error in the unserialize() function. By abusing the defined __wakeup() magic method, an attacker could exploit this vulnerability to execute arbitrary PHP code on the system.
CVSS Base Score: 6.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/101822 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVEID: CVE-2015-3411
DESCRIPTION: PHP could allow a remote attacker to bypass security restrictions, caused by the failure to properly handle file names containing a NULL character. An attacker could exploit this vulnerability using a path name containing null characters to bypass file system access restrictions.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104108 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVEID: CVE-2015-3412
DESCRIPTION: PHP could allow a remote attacker to bypass security restrictions, caused by the failure to properly handle file names containing a NULL character. An attacker could exploit this vulnerability using a path name containing null characters to bypass file system access restrictions.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104109 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVEID: CVE-2015-4024
DESCRIPTION: PHP is vulnerable to a denial of service, caused by an error when parsing malicious requests. By sending a specially-crafted HTTP POST request, an attacker could exploit this vulnerability to consume all available CPU resources.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com//vulnerabilities/103516 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVEID: CVE-2015-4025
DESCRIPTION: PHP could allow a remote attacker to bypass security restrictions, caused by the acceptance of a NULL value in a path by the set_include_path(), tempnam(), rmdir(), and readlink() functions. By sending a specially-crafted value, an attacker could exploit this vulnerability to bypass security controls.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com//vulnerabilities/103514 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVEID: CVE-2015-4598
DESCRIPTION: PHP could allow a remote attacker to bypass security restrictions, caused by the failure to properly handle file names containing a NULL character. An attacker could exploit this vulnerability using a path name containing null characters to bypass file system access restrictions.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104110 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVEID: CVE-2015-4642
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary commands on the system, caused by an error in escapeshellarg. An attacker could exploit this vulnerability to inject and execute arbitrary commands on the system.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/103925 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVEID: CVE-2015-6831
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an use-after-free error in the unserialize() with SplDoublyLinkedList. By abusing the object, an attacker could exploit this vulnerability to execute arbitrary PHP code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/106210 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2015-6834
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an use-after-free error in the unserialize() function with SplObjectStorage and SplDoublyLinkedList. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/106363 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2015-6835
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by an use-after-free error in the session deserializer. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/106364 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2015-6837
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a NULL pointer dereference error. By sending specially crafted XSLT data, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/106366 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2015-6838
DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a NULL pointer dereference error. By sending specially crafted XSLT data, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/106367 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Affected Products and Versions
IBM Tealeaf Customer Experience v8.0-v9.0.2
Remediation/Fixes
Workarounds and Mitigations
You can contact the Technical Support team for further guidance.
Get Notified about Future Security Bulletins
References
Change History
09 Jun 2016: Update Fix Central links.
04 Jan 2016: Initial publication
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Was this topic helpful?
Document Information
Modified date:
16 June 2018
UID
swg21972384