Wind River Support Network

HomeDefectsLIN9-5129
Acknowledged

LIN9-5129 : Security Advisory - php - CVE-2017-12933

Created: Aug 28, 2017    Updated: May 29, 2018
Found In Version: 9.0.0.9
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

https://nvd.nist.gov/vuln/detail/CVE-2017-12933

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube