CVE-2015-6832 in PHPinfo

Summary

Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

09/08/2015

Disclosure

01/19/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-416

CVSS

8.6

EPSS

0.01536

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-6832
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-6832
CVE Details	https://www.cvedetails.com/cve/CVE-2015-6832/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!