PHP Information Disclosure and Heap Buffer Overflow Vulnerabilities

PHP is prone to an information-disclosure vulnerability and a heap-based buffer-overflow vulnerability.

Successfully exploiting these issues allow attackers to execute arbitrary code in the context of the affected application or obtain sensitive information. Failed exploits will result in denial-of-service conditions.

PHP prior to 5.6.40, 7.0 through 7.1.25, 7.2.0 through 7.2.13, and 7.3.0 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus