SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  PHP phar_set_inode Function Buffer Overflow

Category: PL-VULNS      

Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3329


Relevant Information