Description
ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
Remediation
References
Related Vulnerabilities
OpenSSL Resource Management Errors Vulnerability (CVE-2014-3506)
WordPress Plugin WP-PostViews Cross-Site Request Forgery (1.62)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Local File Inclusion (2.11.1)
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.26)
Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-1613)