29 matches found

OpenVAS
added 2023/03/08 12:0 a.m., 35 views

Debian: Security Advisory (DLA-341-1)

The remote host is missing an update for the Debian...

CVSS 9.8, AI score 8.8, EPSS 0.35455
Exploits: 4, References: 2

SUSE CVE
added 2023/02/15 5:58 a.m., 1 views

SUSE CVE-2010-2191

The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or...

CVSS 6.4, AI score 6.8, EPSS 0.01257
Exploits: 3, References: 5

SUSE CVE
added 2023/02/15 5:28 a.m., 1 views

SUSE CVE-2014-3515

The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, relate...

CVSS 7.5, AI score 9.2, EPSS 0.48662
Exploits: 4, References: 7

SUSE CVE
added 2023/02/15 5:14 a.m., 2 views

SUSE CVE-2015-6831

Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization...

CVSS 7.3, AI score 8.3, EPSS 0.01156
Exploits: 0, References: 11

myhack58
added 2016/12/19 12:0 a.m., 95 views

PHP garbage collection mechanism UAF vulnerability analysis-vulnerability warning-the black bar safety net

First, an introduction to the PHP garbage collection mechanism. Because circular references can occur in PHP, a refcount counter alone is not sufficient as a garbage collection mechanism, so PHP 5.3 introduced a new garbage collection mechanism. $a = array('one'); $a[] = &$a; unset($a); ?&...

CVSS 7.5, AI score 0.2, EPSS 0.09582
Exploits: 5

Hacker One
added 2016/11/08 2:0 p.m., 15 views

Internet Bug Bounty: Use-after-free in ArrayObject Deserialization

The bug report at: https://bugs.php.net/bug.php?id=73144 The fix commit at: https://github.com/php/php-src/commit/f74d7d92c8bc1edc2505e0b58546217e9e1ecb40...

AI score 6.9
Exploits: 0

RedHat Linux
added 2016/03/15 8:55 p.m., 2 views

php: dangling pointer in the unserialization of ArrayObject items

A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrary code...

CVSS 7.5, AI score 7.4, EPSS 0.01536
Exploits: 0, References: 4

Hacker One
added 2016/02/02 10:37 a.m., 27 views

Internet Bug Bounty: Use-after-free vulnerability in SPL(ArrayObject, unserialize)

https://bugs.php.net/bug.php?id=71311...

AI score 6.9
Exploits: 0

CNVD
added 2016/01/23 12:0 a.m., 2 views

PHP SPL Deserialization Memory Misreference Vulnerability

PHP is a general-purpose scripting language that can be embedded in HTML. A memory misreference vulnerability in the PHP SPL deserialization implementation allows attackers to exploit special ArrayObject, SplObjectStorage, SplDoublyLinkedList related vectors to execute arbitrary code...

CVSS 7.5, AI score 9.4, EPSS 0.00451
Exploits: 0, References: 1

UbuntuCve
added 2015/08/27 12:0 a.m., 44 views

CVE-2015-6831

Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization...

CVSS 7.5, AI score 7.2, EPSS 0.01156
Exploits: 0, References: 3

0day.today
added 2015/08/10 12:0 a.m., 22 views

PHP SPL ArrayObject Use-After-Free Exploit

A use-after-free vulnerability was discovered in unserialize with SPL ArrayObject object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely. Use After Free Vulnerability in unserialize with SPL ArrayObject Taoguang Chen - Write Date:...

AI score 8
Exploits: 0

Packet Storm
added 2015/08/07 12:0 a.m., 22 views

PHP SPL ArrayObject Use-After-Free

Use After Free Vulnerability in unserialize with SPL ArrayObject Taoguang Chen - Write Date: 2015.7.30 - Release Date: 2015.8.7 A use-after-free vulnerability was discovered in unserialize with SPL ArrayObject object's deserialization that can be abused for leaking arbitrary memory blocks or...

AI score 7.4
Exploits: 0

Hacker One
added 2015/07/13 12:0 a.m., 68 views

Internet Bug Bounty: Dangling pointer in the unserialization of ArrayObject items

https://bugs.php.net/bug.php?id=70068...

CVSS 7.5, AI score 8.3, EPSS 0.01536
Exploits: 0

Tenable Nessus
added 2015/03/26 12:0 a.m., 94 views

Debian DLA-18-1 : php5 security update

CVE-2014-3515: fix unserialize SPL ArrayObject / SPLObjectStorage Type Confusion; CVE-2014-0207: fileinfo: cdf_read_short_sector insufficient boundary check; CVE-2014-3480: fileinfo: cdf_count_chain insufficient boundary check; CVE-2014-4721: The phpinfo implementation in ext/standard/info.c in PHP befor...

CVSS 7.5, AI score 8, EPSS 0.48662
Exploits: 5, References: 6

Check Point Advisories
added 2014/09/21 12:0 a.m., 18 views

PHP unserialize Call SPL ArrayObject and SPLObjectStorage Memory Corruption (CVE-2014-3515)

A memory corruption vulnerability exists in PHP. The vulnerability is due to type confusion in the unserialize function for SPL ArrayObject and SPLObjectStorage. An attacker can exploit this vulnerability if the application uses the vulnerable function...

CVSS 7.5, AI score 3.1, EPSS 0.48662
Exploits: 4

Tenable Nessus
added 2014/08/07 12:0 a.m., 61 views

CentOS 7 : php (CESA-2014:1013)

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

CVSS 7.5, AI score 7.9, EPSS 0.48662
Exploits: 6, References: 11

Cent OS
added 2014/08/06 2:38 p.m., 551 views

php security update

CentOS Errata and Security Advisory CESA-2014:1013. Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base...

CVSS 7.5, AI score 7.3, EPSS 0.48662
Exploits: 6, References: 7

RedHat Linux
added 2014/08/06 6:5 a.m., 2 views

php: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw

A type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute...

CVSS 7.5, AI score 7.6, EPSS 0.48662
Exploits: 4, References: 4

RedHat Linux
added 2014/08/06 6:5 a.m., 51 views

Moderate: Red Hat Security Advisory: php security update

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

CVSS 7.5, AI score 7.3, EPSS 0.48662
Exploits: 6, References: 11

RedHat Linux
added 2014/08/06 5:14 a.m., 72 views

Moderate: Red Hat Security Advisory: php53 and php security update

Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...

CVSS 7.5, AI score 7.4, EPSS 0.48662
Exploits: 7, References: 12