Описание
Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 5.5.12+dfsg-2ubuntu4 |
| esm-infra-legacy/trusty | not-affected | |
| lucid | not-affected | |
| precise | not-affected | |
| trusty | not-affected | |
| trusty/esm | not-affected | |
| upstream | released | 5.6.1+dfsg-1 |
Показывать по
EPSS
6.8 Medium
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.
Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.
Use-after-free vulnerability in the add_post_var function in the Posth ...
Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.
Уязвимость функции add_post_var интерпретатора языка программирования PHP, позволяющая нарушителю выполнить произвольный PHP-код
EPSS
6.8 Medium
CVSS2
9.8 Critical
CVSS3