Lucene search

16 matches found

SUSE CVE
added 2023/02/15 5:20 a.m. | 2 views

SUSE CVE-2015-2787

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an...

CVSS 7.5 | AI score 8.1 | EPSS 0.12303
Exploits: 5 | References: 7
SUSE CVE
added 2023/02/15 4:41 a.m. | 4 views

SUSE CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an...

CVSS 8.1 | AI score 9.8 | EPSS 0.0742
Exploits: 0 | References: 4
SUSE CVE
added 2023/02/15 4:41 a.m. | 3 views

SUSE CVE-2017-12933

The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP...

CVSS 4.8 | AI score 9 | EPSS 0.0694
Exploits: 0 | References: 6
BDU FSTEC
added 2022/04/20 12:0 a.m. | 7 views

The vulnerability of the `ext/standard/var_unserializer.re` component in the PHP programming language allows a perpetrator to cause a service failure or potentially have other adverse effects.

The vulnerability of the ext/standard/var_unserializer.re component in the PHP programming language arises from a buffer overflow. Exploiting this vulnerability can allow an attacker to cause service failures or potentially have other effects through unserialized calls that reference partially...

CVSS 10 | AI score 8 | EPSS 0.05649
Exploits: 1 | References: 8 | Affected Software: 3
BDU FSTEC
added 2022/04/20 12:0 a.m. | 4 views

The vulnerability of the `ext/standard/var_unserializer.re` component in the PHP programming language allows an attacker to compromise data integrity.

The vulnerability of the ext/standard/var_unserializer.re component in the PHP programming language lies in the use of memory after it is freed. Exploiting this vulnerability allows an attacker to compromise data integrity...

CVSS 7.8 | AI score 7.4 | EPSS 0.03634
Exploits: 0 | References: 6 | Affected Software: 2
RedHat Linux
added 2019/08/19 8:42 a.m. | 3 views

php: Heap use after free in ext/standard/var_unserializer.re

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an...

CVSS 9.8 | AI score 5.8 | EPSS 0.0742
Exploits: 0 | References: 4
RedHat Linux
added 2018/05/03 5:6 a.m. | 5 views

php: Heap use after free in ext/standard/var_unserializer.re

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an...

CVSS 9.8 | AI score 5.8 | EPSS 0.0742
Exploits: 0 | References: 4
BDU FSTEC
added 2017/09/13 12:0 a.m. | 4 views

The vulnerability of the `finish_nested_data` function in the PHP interpreter allows an attacker to potentially compromise the integrity of data.

The vulnerability of the finish_nested_data function in the PHP interpreter's ext/standard/var_unserializer.re module arises from the execution of an operation outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to potentially compromise the integrity of PHP dat...

CVSS 7.5 | AI score 7.2 | EPSS 0.0694
Exploits: 0 | References: 5 | Affected Software: 1
BDU FSTEC
added 2017/09/13 12:0 a.m. | 5 views

A vulnerability exists in ext/standard/var_unserializer.re of the PHP hypertext processor, which allows an attacker to potentially compromise the integrity of data.

The vulnerability in ext/standard/var_unserializer.re of the PHP hypertext processor is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker, operating remotely, to potentially compromise the integrity of PHP data...

CVSS 7.5 | AI score 7.7 | EPSS 0.0742
Exploits: 0 | References: 5 | Affected Software: 1
Prion
added 2017/08/18 3:29 a.m. | 22 views

Design/Logic Flaw

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an...

CVSS 7.5 | AI score 9.6 | EPSS 0.0742
Exploits: 0 | References: 9 | Affected Software: 1
OSV
added 2017/08/18 3:29 a.m. | 3 views

UBUNTU-CVE-2017-12934

ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x before 7.1.7 is prone to a heap use after free while unserializing untrusted data, related to the zval_get_type function in Zend/zend_types.h. Exploitation of this issue can have an unspecified impact on the integrity of PHP...

CVSS 7.5 | AI score 7.2 | EPSS 0.03634
Exploits: 0 | References: 3
CNVD
added 2017/08/18 12:0 a.m. | 4 views

PHP ext/standard/var_unserializer.re Buffer Overflow Vulnerability

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A buffer overflow vulnerability exists in PHP ext/standard/var_unserializer.re, which could be exploited by remote attackers to submit a special request and execute arbitrar...

CVSS 7.5 | AI score 8.9 | EPSS 0.03634
Exploits: 0 | References: 1
CNVD
added 2017/08/18 12:0 a.m. | 5 views

PHP ext/standard/var_unserializer.re heap buffer overflow vulnerability (CNVD-2017-29192)

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A heap buffer overflow vulnerability exists in PHP ext/standard/var_unserializer.re, which could be exploited by remote attackers to submit a special request and execute...

CVSS 9.8 | AI score 9.6 | EPSS 0.0742
Exploits: 0 | References: 1
CNVD
added 2017/02/16 12:0 a.m. | 3 views

PHP Denial of Service Vulnerability (CNVD-2017-01944)

PHP (PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and program extensions written in C, C++ and so on. A...

CVSS 7.5 | AI score 8.3 | EPSS 0.13314
Exploits: 0 | References: 1
OSV
added 2015/03/30 12:0 a.m. | 4 views

UBUNTU-CVE-2015-2787

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an...

CVSS 7.5 | AI score 7.1 | EPSS 0.12303
Exploits: 5 | References: 5
OSV
added 2014/10/29 12:0 a.m. | 2 views

UBUNTU-CVE-2014-3669

Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function...

CVSS 7.5 | AI score 7.7 | EPSS 0.28862
Exploits: 1 | References: 4