Description
Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element.
Remediation
References