SUSE CVE-2016-2554

Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted TAR archive...

SUSE CVE-2019-9675

An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phartarwriteheadersint in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue...

The vulnerability of the ext/phar/tar.c component of the PHP programming language interpreter allows a attacker to trigger a service failure or possibly cause other adverse effects.

The vulnerability of the ext/phar/tar.c component in the PHP programming language arises due to buffer overflow. Exploiting this vulnerability can allow an attacker to cause service interruptions or potentially have other effects using a specially created .TAR archive...

The vulnerability of the phar_tar_writeheaders_int function (ext/phar/tar.c) in the PHP programming language allows a hacker to execute arbitrary code.

The vulnerability of the phartarwriteheadersint function ext/phar/tar.c in the PHP programming language is related to the execution of operations outside of the buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PHP buffer overflow vulnerability (CNVD-2019-08979)

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHPGroup and the open source community. The language is mainly used for Web development, supports a variety of databases and operating systems. A...

UBUNTU-CVE-2019-9675

An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phartarwriteheadersint in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue...

PT-2019-5459 · Php +3 · Php +3

Name of the Vulnerable Software and Affected Versions: PHP versions 7.1.x through 7.1.26 PHP versions 7.3.x through 7.3.2 Description: The issue is related to a buffer overflow in the phar tar writeheaders int function in ext/phar/tar.c of the PHP interpreter. This can be exploited by a remote...

UBUNTU-CVE-2015-4021

The pharparsetarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service integer underflow and memory...