Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP prior to 5.6.30 and 7.0.x prior to 7.0.15 allows remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |
||
netapp clustered data ontap - |
||
debian debian linux 8.0 |