CVE-2015-4601
PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600.
We have discovered 1,268,058 live websites that are affected by CVE-2015-4601.
Affected Software
| Product |  PHP |
| Category | Programming Languages |
| Vulnerable Domains | 1,268,058 live websites (14.53% of PHP install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 208 versions ( 38.03% of all versions) |
Details
- Published - May 16, 2016
- Updated - Aug 6, 2024
CVE References
CVE-2015-4601 usage by Country
 United States | 306,829 websites |
 Russia | 126,998 websites |
 Taiwan | 109,382 websites |
 France | 100,044 websites |
 Germany | 90,525 websites |
 Japan | 84,584 websites |
 Netherlands | 59,957 websites |
 China | 45,384 websites |
 Singapore | 26,550 websites |
 Korea, South | 22,162 websites |
CVE-2015-4601 usage by TLD
| .com | 546,576 websites |
| .ru | 111,440 websites |
| .de | 67,766 websites |
| .net | 49,473 websites |
| .nl | 42,582 websites |
| .fr | 35,815 websites |
| .org | 32,038 websites |
| .jp | 22,672 websites |
| .info | 16,100 websites |
| .cz | 15,299 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2015-4601
Top websites that are affected by CVE-2015-4601. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****.***********.com |  Canada | *** | |
| **********.com | United States | *** | |
| ************.***.ar |  Argentina | *,*** | |
| ********.*********.com | Singapore | *,*** | |
| ******************.com | United States | *,*** | |
| ***.org | United States | *,*** | |
| *********.******.net | United States | *,*** | |
| ****.com | United States | *,*** | |
| ********.com | United States | *,*** | |
| *******.org | United States | *,*** |
FAQ
A total of 1,268,058 websites have been identified as vulnerable to CVE-2015-4601, discovered through global website indexing conducted by WebTechSurvey.
PHP is susceptible to CVE-2015-4601 vulnerability.
PHP versions before 5.6.7 are vulnerable to CVE-2015-4601.
Version 5.6.7 of PHP addresses the CVE-2015-4601 security vulnerability.
References
- http://www.securitytracker.com/id/1032709
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://php.net/ChangeLog-5.php
- http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8
- http://www.securityfocus.com/bid/75246
- http://www.openwall.com/lists/oss-security/2015/06/16/12
- http://rhn.redhat.com/errata/RHSA-2015-1135.html
- http://rhn.redhat.com/errata/RHSA-2015-1218.html