CVE-2015-3330

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.4.40 PHP versions 5.5.x prior to 5.5.24 PHP versions 5.6.x prior to 5.6.8

Description The issue is related to the php handler function in PHP, which can be exploited by remote attackers when used with the Apache HTTP Server 2.4.x. This can lead to a denial of service or possibly allow the execution of arbitrary code via pipelined HTTP requests, resulting in a "deconfigured interpreter." The vulnerability exists due to insufficient input validation, allowing a remote attacker to potentially execute arbitrary code.

Recommendations For PHP versions prior to 5.4.40, update to version 5.4.40 or later. For PHP versions 5.5.x prior to 5.5.24, update to version 5.5.24 or later. For PHP versions 5.6.x prior to 5.6.8, update to version 5.6.8 or later.