Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP prior to 5.6.30 and 7.0.x prior to 7.0.15 allows remote malicious users to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |
||
php php 7.1.0 |
||
debian debian linux 8.0 |