Vulnerabilities

CVE-2016-9138

by Fred · 04/01/2017

PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup.

Date published : 2017-01-04

http://www.securityfocus.com/bid/95268

https://bugs.php.net/bug.php?id=73147

Similar

Tags: Cybersecurity Alert