Описание
Multiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to inject or execute arbitrary code, bypass security restrictions or cause denial of service.
Below is a complete list of vulnerabilities
- Multiple use-after-free vulnerabilities can be exploited remotely via a specially designed call and input and vectors related to Phar archives renaming and;
- Improper pathname truncation can be exploited remotely via a specailly designed arguments;
- Integer overflow vulnerability can be exploited remotely via a specially designed ZIP archive;
- An unknown vulnerability can be exploited remotely via a specially designed GIF image or ELF file;
- Heap-based buffer overflow can be exploited remotely via vectors related to dictionaries;
- Improper string-length handling can be exploited remotely via a specially designed files.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2015-2787 critical
- CVE-2015-2348 critical
- CVE-2015-2331 critical
- CVE-2015-2301 critical
- CVE-2015-1351 critical
- CVE-2015-0273 critical
- CVE-2014-9709 critical
- CVE-2014-9705 critical
- CVE-2014-9653 critical
- CVE-2014-9652 critical
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!