2 matches found
CVE-2014-3622
CVE-2014-3622 describes a use-after-free in PHP 5.6.x prior to 5.6.1 affecting the Posthandler component (add_post_var). The underlying issue could let remote attackers execute arbitrary code through a third-party filter extension that accesses a specific ksep value. Practical impact is remote co...
CVE-2014-3622
Use-after-free vulnerability in the addpostvar function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value...