cve/CVE-2016-7418.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call.

POC

Reference

https://bugs.php.net/bug.php?id=73065
https://bugs.php.net/bug.php?id=73065
https://www.tenable.com/security/tns-2016-19
https://www.tenable.com/security/tns-2016-19

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/RClueX/Hackerone-Reports
https://github.com/imhunterand/hackerone-publicy-disclosed

1.0 KiB Raw Blame History

CVE-2016-7418

Description

POC

Reference

Github

1.0 KiB

Raw Blame History