Vulnerability & Exploit Database

Back to search

DSA-3344-1 php5 -- security update

Severity CVSS Published Added Modified
8 (AV:N/AC:L/Au:N/C:C/I:C/A:C) August 27, 2015 September 23, 2015 March 21, 2018

Description

Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

debian-upgrade-php5

Related Vulnerabilities