VYPR
High severity7.3NVD Advisory· Published May 20, 2016· Updated Jun 17, 2026

CVE-2015-8865

CVE-2015-8865

Description

The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

37
  • PHP/PHP35 versions
    cpe:2.3:a:php:php:*:*:*:*:*:*:*:*+ 34 more
    • cpe:2.3:a:php:php:*:*:*:*:*:*:*:*range: <=5.5.33
    • cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*
    • (no CPE)range: <5.5.34 | >=5.6.0,<5.6.20 | >=7.0.0,<7.0.5
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
    Range: <=10.11.4
  • Range: <5.23

Patches

Vulnerability mechanics

References

20

News mentions

0

No linked articles in our index yet.