2 matches found
php: Integer overflow in phar_parse_pharfile
Integer overflow in the pharparsepharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service memory consumption or application crash via a truncated manifest entry in a PHAR archive...
PT-2017-4183 · Php +3 · Php +3
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.6.30 PHP versions 7.0.x prior to 7.0.15 Description: The issue is caused by an integer overflow in the phar parse pharfile function, allowing remote attackers to cause a denial of service, potentially leading to memory...