CVE-2015-6832

Priority
Description
Use-after-free vulnerability in the SPL unserialize implementation in
ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x
before 5.6.12 allows remote attackers to execute arbitrary code via crafted
serialized data that triggers misuse of an array field.
Assigned-to
mdeslaur
Notes
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.6.12+dfsg-1)
Ubuntu 14.04 ESM (Trusty Tahr):released (5.5.9+dfsg-1ubuntu4.13)
Patches:
Upstream:http://git.php.net/?p=php-src.git;a=commit;h=b7fa67742cd8d2b0ca0c0273b157f6ffee9ad6e2
More Information

Updated: 2019-12-05 18:42:46 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)