The vulnerability of the _maliciousfilename function in the Archive_Tar class of the PHP classes in the PEAR library allows a malicious actor to execute arbitrary PHP code.
The vulnerability of the maliciousfilename function in the ArchiveTar class of the PHP classes in the PEAR library is related to the restoration of a unreliable data structure in memory. Exploiting this vulnerability allows an attacker to execute arbitrary PHP code using a specially crafted .tar...