SUSE CVE-2015-4600

The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the 1...

PT-2015-3250 · Php +4 · Php +4

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.4.40 PHP versions 5.5.x prior to 5.5.24 PHP versions 5.6.x prior to 5.6.8 Description: The issue is related to the lack of checking for %00 sequences in pathnames, which could allow remote attackers to read or write to...