Wind River Support Network

HomeDefectsLIN7-6313
Fixed

LIN7-6313 : Security Advisory - php - CVE-2015-6834

Created: May 31, 2016    Updated: Sep 8, 2018
Resolved Date: Jun 24, 2016
Found In Version: 7.0.0.15
Fix Version: 7.0.0.17
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization.<a href=http://cwe.mitre.org/data/definitions/502.html>CWE-502: Deserialization of Untrusted Data</a>

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6834

Other Downloads


CVEs


Live chat
Online