CVE-2015-2783

by Fred · 09/06/2015

ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.

Date published : 2015-06-09

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html

CVE-2015-2783

Similar

Recent Posts

Categories

CVE-2015-2783

Share this:

Similar

Recent Posts

Categories

Tags