Updated ganglia-web packages fix CVE-2015-6816

An issue with the use of unserialize in ganglia-web allows authentication to be bypassed CVE-2015-6816...

FreeBSD : php -- multiple vulnerabilities (3d675519-5654-11e5-9ad8-14dae9d210b8)

PHP reports : - Core : - Fixed bug 70172 Use After Free Vulnerability in unserialize. - Fixed bug 70219 Use after free vulnerability in session deserializer. - EXIF : - Fixed bug 70385 Buffer over-read in exifreaddata with TIFF IFD tag byte value of 32 bytes. - hash : - Fixed bug 70312 HAVAL give...

PHP SplDoublyLinkedList unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Yet Another Use After Free Vulnerability in unserialize with SplDoublyLinkedList Taoguang Chen - Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplDoublyLinkedList object's deserializati...

PHP GMP unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Use After Free Vulnerability in unserialize with GMP Taoguang Chen Write Date: 2015.8.17 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary...

PHP 5.45.55.6 - SplObjectStorage Unserialize() Use-After-Free

PHP 5.45.55.6 - SplObjectStorage Unserialize Use-After-Free Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's...

PHP 5.45.55.6 - SplDoublyLinkedList Unserialize() Use-After-Free

PHP 5.45.55.6 - SplDoublyLinkedList Unserialize Use-After-Free Yet Another Use After Free Vulnerability in unserialize with SplDoublyLinkedList Taoguang Chen - Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplDoublyLinkedList object...

PHP 5.45.55.6 - Unserialize() Use-After-Free

PHP 5.45.55.6 - Unserialize Use-After-Free Use After Free Vulnerabilities in unserialize Taoguang Chen Write Date: 2015.7.31 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in unserialize with Serializable class that can be abused for leaking arbitrary memory blocks...

PHP GMP - unserialize() Use-After-Free

PHP GMP - unserialize Use-After-Free Use After Free Vulnerability in unserialize with GMP Taoguang Chen Write Date: 2015.8.17 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary memory block...

PHP SplObjectStorage unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's deserialization and...

PHP unserialize() Use-After-Free Vulnerabilities

Exploit for php platform in category dos / poc Use After Free Vulnerabilities in unserialize Taoguang Chen Write Date: 2015.7.31 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in unserialize with Serializable class that can be abused for leaking arbitrary memory...

PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free

Use After Free Vulnerabilities in unserialize Taoguang Chen Write Date: 2015.7.31 Release Date: 2015.9.4 Multiple use-after-free vulnerabilities were discovered in unserialize with Serializable class that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely. Affect...

PHP GMP - 'unserialize()' Use-After-Free

Use After Free Vulnerability in unserialize with GMP Taoguang Chen Write Date: 2015.8.17 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely...

PHP 5.4/5.5/5.6 - SplObjectStorage 'Unserialize()' Use-After-Free

Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's deserialization and crafted object's wakeup magic method that can be...

PHP 5.4/5.5/5.6 - SplDoublyLinkedList 'Unserialize()' Use-After-Free

Yet Another Use After Free Vulnerability in unserialize with SplDoublyLinkedList Taoguang Chen - Write Date: 2015.8.27 Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplDoublyLinkedList object's deserialization and crafted object's wakeup magic method tha...

Amazon Linux: Security Advisory (ALAS-2015-463)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2015-494)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PHP 5.6 / 5.5 / 5.4 SplDoublyLinkedList Use-After-Free

Yet Another Use After Free Vulnerability in unserialize with SplDoublyLinkedList Taoguang Chen - Write Date: 2015.8.27 - Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplDoublyLinkedList object's deserialization and crafted object's wakeup magic method...

PHP 5.6 / 5.5 / 5.4 SplOnjectStorage unserialize() Use-After-Free

Yet Another Use After Free Vulnerability in unserialize with SplObjectStorage Taoguang Chen - Write Date: 2015.8.27 - Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with SplObjectStorage object's deserialization and crafted object's wakeup magic method that ca...

PHP 5.6 GMP unserialize() Use-After-Free

Use After Free Vulnerability in unserialize with GMP Taoguang Chen - Write Date: 2015.8.17 - Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code...

CVE-2015-6832

Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/splarray.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field...