High severity7.3NVD Advisory· Published Jan 19, 2016· Updated Jun 17, 2026
CVE-2015-6831
CVE-2015-6831
Description
Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- osv-coords10 versionspkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3pkg:rpm/suse/php53&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/php5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012pkg:rpm/suse/php5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
< 5.3.17-47.1+ 9 more
- (no CPE)range: < 5.3.17-47.1
- (no CPE)range: < 5.3.17-48.1
- (no CPE)range: < 5.3.17-48.1
- (no CPE)range: < 5.3.17-48.1
- (no CPE)range: < 5.3.17-48.1
- (no CPE)range: < 5.3.17-48.1
- (no CPE)range: < 5.3.17-48.1
- (no CPE)range: < 5.3.17-48.1
- (no CPE)range: < 5.5.14-36.1
- (no CPE)range: < 5.5.14-36.1
Patches
Vulnerability mechanics
References
9News mentions
0No linked articles in our index yet.