Описание
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback.
Ссылки
- Broken Link
- Not Applicable
- Not Applicable
- Not Applicable
- Mailing ListThird Party Advisory
- Broken Link
- ExploitVendor Advisory
- Broken Link
- Not Applicable
- Third Party Advisory
- Broken Link
- Not Applicable
- Not Applicable
- Not Applicable
- Mailing ListThird Party Advisory
- Broken Link
- ExploitVendor Advisory
- Broken Link
- Not Applicable
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
Связанные уязвимости
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback.
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8. ...
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback.
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2