SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  PHP phar_make_dirstream Function DoS 1

Category: PL-VULNS      

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4343


Relevant Information