Описание
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.6.1+dfsg-1 |
| esm-apps/xenial | not-affected | 3.6.1+dfsg-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [3.6.1+dfsg-1]] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 3.6.1+dfsg-1 |
| trusty | not-affected | 3.6.1+dfsg-1 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
wp-includes/functions.php in WordPress before 3.6.1 does not properly ...
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
EPSS
7.5 High
CVSS2