Description

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.

Remediation

References

CVE-2016-7479

Related Vulnerabilities

MySQL CVE-2013-0389 Vulnerability (CVE-2013-0389)

Oracle Database Server CVE-2011-0875 Vulnerability (CVE-2011-0875)

Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178)

WordPress Plugin GS Products Slider for WooCommerce Cross-Site Scripting (1.5.8)

WordPress Plugin Fusion:Extension-Map Multiple Unspecified Vulnerabilities (1.0.3)

Severity

Critical

Classification

CVE-2016-7479 CWE-416 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities