CVE-2015-6834

Priority
Description
Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before
5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary
code via vectors related to (1) the Serializable interface, (2) the
SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are
mishandled during unserialization.
Assigned-to
mdeslaur
Notes
More Information

Updated: 2019-12-05 18:42:47 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)