WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3329)

Description

Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.

Remediation

References

Related Vulnerabilities

WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Cross-Site Scripting (4.6.19)

Joomla! Core 3.9.x Cross-Site Request Forgery (3.9.0 - 3.9.22)

WordPress Plugin Feedweb Cross-Site Scripting (1.8.8)

Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14033)

WordPress Plugin Responsive Slider-Image Slider-Slideshow for WordPress Unspecified Vulnerability (3.0.8)

Severity

High

Classification

CVE-2015-3329 CWE-119

Tags

Missing Update Known Vulnerabilities