Description
Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation.
Remediation
References
Related Vulnerabilities
Lighttpd NULL Pointer Dereference Vulnerability (CVE-2022-37797)
WordPress Plugin Event Tickets CSV Injection (4.10.7.1)
WordPress Plugin WP e-Commerce-Store Toolkit Privilege Escalation (2.0)
Apache Tomcat 7PK - Security Features Vulnerability (CVE-2014-9635)
WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.1.13)