CVE-2016-9935

Priority
Description
The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29
and 7.x before 7.0.14 allows remote attackers to cause a denial of service
(out-of-bounds read and memory corruption) or possibly have unspecified
other impact via an empty boolean element in a wddxPacket XML document.
More Information

Updated: 2019-03-19 12:27:51 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)