|PHP 5.6 / 5.5 / 5.4 SplOnjectStorage... - VULHUB开源网络安全威胁库

PHP 5.6 / 5.5 / 5.4 SplOnjectStorage...

- AV AC AU C I A

发布： 2015-09-07

修订： 2025-04-13

exploit
arbitrary
php

A use-after-free vulnerability was discovered in unserialize() with SplObjectStorage object's deserialization and crafted object's __wakeup() magic method that can be abused for leaking arbitrary memory blocks or executing arbitrary code remotely. Affected are PHP versions prior to 5.6.13.

漏洞利用/PoC

当前有1条漏洞利用/PoC

受影响的平台与产品

当前有0条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™

PHP 5.6 / 5.5 / 5.4 SplOnjectStorage...

漏洞利用/PoC

受影响的平台与产品

贡献用户

相关漏洞清单