5 matches found
The vulnerability of the ext/wddx/wddx.c component of the PHP interpreter allows a attacker to cause a service failure.
The vulnerability of the ext/wddx/wddx.c component of the PHP interpreter is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause service failures through a corrupted XML document...
CVE-2017-11143
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c...
CVE-2017-11143
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c...
CVE-2016-7130
CVE-2016-7130 affects PHP’s WDDX extension (ext/wddx/wddx.c) in PHP builds prior to 5.6.25 and 7.x prior to 7.0.10. The issue arises when deserializing WDDX XML containing a binary element with an invalid base64 value, allowing remote attackers to trigger a NULL pointer dereference and crash the ...
CVE-2016-7130
Removed by vendor...