CVE Vulnerabilities

CVE-2015-6837

Published: May 16, 2016 | Modified: Nov 07, 2023
CVSS 3.x: 7.5 HIGH (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Source: NVD
CVSS 2.x: 5 MEDIUM (AV:N/AC:L/Au:N/C:N/I:N/A:P)

The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838.

Affected Software

Name Vendor Start Version End Version
Php Php 5.6.0 5.6.0
Php Php 5.6.1 5.6.1
Php Php 5.6.2 5.6.2
Php Php 5.6.3 5.6.3
Php Php 5.6.4 5.6.4
Php Php 5.6.5 5.6.5
Php Php 5.6.6 5.6.6
Php Php 5.6.7 5.6.7
Php Php 5.6.8 5.6.8
Php Php 5.6.9 5.6.9
Php Php 5.6.10 5.6.10
Php Php 5.6.11 5.6.11
Php Php 5.6.12 5.6.12

References