CVE-2015-0231 : Détail

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142.

Métriques

EPSS

Score EPSS

Percentile EPSS

Informations sur l'Exploit

Exploit Database EDB-ID : 40414

Date de publication : 2016-09-21 22h00 +00:00
Auteur : SEC Consult
EDB Vérifié : No

Products Mentioned

Configuraton 0

Php>>Php >> Version To (including) 5.4.36

Php>>Php >> Version 5.4.0

Php>>Php >> Version 5.4.1

Php>>Php >> Version 5.4.2

Php>>Php >> Version 5.4.3

Php>>Php >> Version 5.4.4

Php>>Php >> Version 5.4.5

Php>>Php >> Version 5.4.6

Php>>Php >> Version 5.4.7

Php>>Php >> Version 5.4.8

Php>>Php >> Version 5.4.9

Php>>Php >> Version 5.4.10

Php>>Php >> Version 5.4.11

Php>>Php >> Version 5.4.12

Php>>Php >> Version 5.4.12

Php>>Php >> Version 5.4.12

Php>>Php >> Version 5.4.13

Php>>Php >> Version 5.4.13

Php>>Php >> Version 5.4.14

Php>>Php >> Version 5.4.14

Php>>Php >> Version 5.4.15

Php>>Php >> Version 5.4.16

Php>>Php >> Version 5.4.17

Php>>Php >> Version 5.4.18

Php>>Php >> Version 5.4.19

Php>>Php >> Version 5.4.20

Php>>Php >> Version 5.4.21

Php>>Php >> Version 5.4.22

Php>>Php >> Version 5.4.23

Php>>Php >> Version 5.4.24

Php>>Php >> Version 5.4.25

Php>>Php >> Version 5.4.26

Php>>Php >> Version 5.4.27

Php>>Php >> Version 5.4.28

Php>>Php >> Version 5.4.29

Php>>Php >> Version 5.4.30

Php>>Php >> Version 5.4.34

Php>>Php >> Version 5.4.35

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.0

Php>>Php >> Version 5.5.1

Php>>Php >> Version 5.5.2

Php>>Php >> Version 5.5.3

Php>>Php >> Version 5.5.4

Php>>Php >> Version 5.5.5

Php>>Php >> Version 5.5.6

Php>>Php >> Version 5.5.7

Php>>Php >> Version 5.5.8

Php>>Php >> Version 5.5.9

Php>>Php >> Version 5.5.10

Php>>Php >> Version 5.5.11

Php>>Php >> Version 5.5.12

Php>>Php >> Version 5.5.13

Php>>Php >> Version 5.5.14

Php>>Php >> Version 5.5.15

Php>>Php >> Version 5.5.16

Php>>Php >> Version 5.5.17

Php>>Php >> Version 5.5.18

Php>>Php >> Version 5.5.19

Php>>Php >> Version 5.5.20

Php>>Php >> Version 5.6.0

Php>>Php >> Version 5.6.0

Php>>Php >> Version 5.6.0

Php>>Php >> Version 5.6.0

Php>>Php >> Version 5.6.0

Php>>Php >> Version 5.6.0

Php>>Php >> Version 5.6.0

Php>>Php >> Version 5.6.0

Php>>Php >> Version 5.6.0

Php>>Php >> Version 5.6.1

Php>>Php >> Version 5.6.2

Php>>Php >> Version 5.6.3

Php>>Php >> Version 5.6.4

Références