F5 Networks: K17377 (CVE-2015-6834): PHP vulnerabilities CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, and CVE-2015-6838
|8||(AV:N/AC:L/Au:N/C:P/I:P/A:P)||October 07, 2015||February 15, 2017||December 21, 2017|
Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!