PHP DateTime Use After Free Vulnerability

Exploit for php platform in category dos / poc Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod...

Updated php packages fix multiple vulnerabilities

Updated php packages fix security vulnerabilities: The unserialize function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue related to the SPL ArrayObject and SPLObjectStorage Types CVE-2014-3515. It was discovered that PHP is vulnerable to a heap-based buffer overflow in the DNS TXT...

Fedora 19 : php-5.5.14-1.fc19 (2014-7782)

26 Jun 2014, PHP 5.5.14 Core : - Fixed BC break introduced by patch for bug 67072. Anatol, Stas - Fixed bug 66622 Closures do not correctly capture the late bound class static:: in some cases. Levi Morrison - Fixed bug 67390 insecure temporary file use in the configure script. CVE-2014-3981 Remi ...

UBUNTU-CVE-2014-4698

Use-after-free vulnerability in ext/spl/splarray.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments...

Fedora 20 : php-5.5.14-1.fc20 (2014-7765)

26 Jun 2014, PHP 5.5.14 Core : - Fixed BC break introduced by patch for bug 67072. Anatol, Stas - Fixed bug 66622 Closures do not correctly capture the late bound class static:: in some cases. Levi Morrison - Fixed bug 67390 insecure temporary file use in the configure script. CVE-2014-3981 Remi ...