cve/CVE-2015-6832.md at 4024663e83c70ac127726b49919178f8121c5338

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.

POC

Reference

https://bugs.php.net/bug.php?id=70068
https://hackerone.com/reports/104016

Github

No PoCs found on GitHub currently.

771 B Raw Blame History

CVE-2015-6832

Description

POC

Reference

Github

771 B

Raw Blame History