VYPR
Medium severity5.9NVD Advisory· Published May 22, 2016· Updated Jun 17, 2026

CVE-2015-8878

CVE-2015-8878

Description

main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory corruption) by leveraging an application that performs many temporary-file accesses.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • PHP/PHP2 versions
    cpe:2.3:a:php:php:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:php:php:*:*:*:*:*:*:*:*range: >=5.5.0,<5.5.28
    • (no CPE)range: before 5.5.28 and 5.6.x before 5.6.12

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.