CVE-2016-9935 (retired)

The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29
and 7.x before 7.0.14 allows remote attackers to cause a denial of service
(out-of-bounds read and memory corruption) or possibly have unspecified
other impact via an empty boolean element in a wddxPacket XML document.
More Information

Updated: 2019-03-26 12:23:45 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)