Vulnerability & Exploit Database

Back to search

DSA-3344-1 php5 -- security update

Severity CVSS Published Added Modified
8 (AV:N/AC:L/Au:N/C:C/I:C/A:C) August 27, 2015 September 23, 2015 March 21, 2018

Description

Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

debian-upgrade-php5

Related Vulnerabilities