Lucene search

K
cvelistMitreCVELIST:CVE-2016-9137
HistoryJan 04, 2017 - 8:00 p.m.

CVE-2016-9137

2017-01-0420:00:00
mitre
www.cve.org
9
cve-2016-9137
remote attackers
denial of service
serialized data
__wakeup processing

AI Score

9.3

Confidence

High

EPSS

0.021

Percentile

89.2%

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.