Page 14 of 85 results (0.003 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. La implementación no serializable SplObjectStorage en ext/spl/spl_observer.c en PHP en versiones anteriores a 7.0.12 no verifica que una clave sea un objeto, lo que permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (acceso a memoria no inicializada) a través de datos serializados manipulados. • http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7 http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf http://php.net/ChangeLog-7.php http://www.securityfocus.com/bid/95152 https://bugs.php.net/bug.php?id=73257 https://github.com/php/php-src/commit/61cdd1255d5b9c8453be71aacbbf682796ac77d4 https://security.netapp.com/advisory/ntap-20180112-0001 https://www.youtube.com/watch?v=LDcaPstAuPk • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 9%CPEs: 202EXPL: 1

Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876. cccZend/zend_exceptions.c en PHP, posiblemente en 5.x en versiones anteriores a 5.6.28 y 7.x en versiones anteriores a 7.0.13, permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un objeto Exception manipulado en datos serializados, un caso relacionado con CVE-2015-8876. • http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7 http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf http://www.securityfocus.com/bid/95150 https://bugs.php.net/bug.php?id=73093 https://security.netapp.com/advisory/ntap-20180112-0001 https://www.youtube.com/watch?v=LDcaPstAuPk •

CVSS: 9.8EPSS: 48%CPEs: 3EXPL: 1

Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. Zend/zend_hash.c en PHP en versiones anteriores a 7.0.15 y 7.1.x en versiones anteriores a 7.1.1 no maneja adecuadamente ciertos casos que requieren asignaciones de array grandes, lo que permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de enteros, acceso a memoria no inicializada y uso de punteros de la función de destructor arbitrarios) a través de datos serializados manipulados. • http://www.securityfocus.com/bid/95371 http://www.securitytracker.com/id/1037659 https://access.redhat.com/errata/RHSA-2018:1296 https://bugs.php.net/bug.php?id=73832 https://github.com/php/php-src/commit/4cc0286f2f3780abc6084bcdae5dce595daa3c12 https://security.netapp.com/advisory/ntap-20180112-0001 https://access.redhat.com/security/cve/CVE-2017-5340 https://bugzilla.redhat.com/show_bug.cgi?id=1412631 • CWE-190: Integer Overflow or Wraparound CWE-456: Missing Initialization of a Variable •

CVSS: 9.8EPSS: 1%CPEs: 14EXPL: 1

The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6834. La implementación no serializada en ext/standard/var.c en PHP 7.x en versiones anteriores a 7.0.14 permite a atacantes remotos provocar una denegación de servicio (uso después de liberación) o posiblemente tener otro impacto no especificado a través de datos serializados manipulados. NOTA: esta vulnerabilidad existe por una reparación incompleta de la CVE-2015-6834. • http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html http://www.openwall.com/lists/oss-security/2016/12/12/2 http://www.php.net/ChangeLog-7.php http://www.securityfocus.com/bid/94849 https://access.redhat.com/errata/RHSA-2018:1296 https://bugs.php.net/bug.php?id=72978 https://github.com/php/php-src/commit/b2af4e8868726a040234de113436c6e4f6372d17 https://access.redhat.com/security/cve/CVE-2016-9936 https://bugzilla.redhat.com/show_bug.cgi?id=1404735 • CWE-416: Use After Free •

CVSS: 9.8EPSS: 2%CPEs: 13EXPL: 1

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing. Vulnerabilidad de uso después de liberación de memoria en la implementación de CURLFile en ext/curl/curl_file.c en PHP en versiones anteriores a 5.6.27 y 7.x en versiones anteriores a 7.0.12 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de datos serializados manipulados que no maneja adecuadamente durante el procesamiento de __wakeup. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0e6fe3a4c96be2d3e88389a5776f878021b4c59f http://www.debian.org/security/2016/dsa-3698 http://www.openwall.com/lists/oss-security/2016/11/01/2 http://www.php.net/ChangeLog-5.php http://www.php.net/ChangeLog-7.php http://www.securityfocus.com/bid/93577 https://bugs.php.net/bug.php?id=73147 https://www.tenable.com/security/tns-2016-19 • CWE-416: Use After Free •