2 matches found
TYPO3 PharStreamWrapper Remote Code Execution Vulnerability
TYPO3 PharStreamWrapper is an interceptor for stream processing from the Swiss TYPO3 Association. Drupal core third-party class library TYPO3/PharStreamWrapper package 2.1.1 before version 2.x and 3.1.1 before version 3.x there is a deserialization protection mechanism can be bypassed leading to...
Security update for php5 (important)
PHP was updated to fix three security issues. The following vulnerabilities were fixed: CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 apache2handler, allow arbitrary code execution bnc928506 CVE-2015-3329: Specially crafted PHAR data could lead to...