Risk | High |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2016-9138 CVE-2015-6835 |
CWE-ID | CWE-502 CWE-416 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #2 is available. |
Vulnerable software Subscribe |
PHP Universal components / Libraries / Scripting languages |
Vendor | PHP Group |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU10334
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-9138
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to unsafe handling of serialized data when processing property modification during __wakeup(). A remote attacker can pass specially crafted serialized data to the application and cause denial of service attack.
Update to version 5.6.28 or 7.0.13.
PHP: 5.5.0 - 7.0.12
External linkshttp://bugs.php.net/bug.php?id=73147
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU1001
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2015-6835
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability alows a remote unauthenticated user to execute arbitrary code or cause DoS conditions on the target system.
The weakness exists due to incorrect processing of multiple php_var_unserialize calls while deserializing data with the session deserializer. By sending a specially crafted serialized string, attackers can trigger a use-after-free that can be used to execute arbitrary code or cause a service crash.
Successful exploitation of the vulnerability results in arbitrary code execution or denial of service on the vulnerable system.
Update to version 5.5.38, 5.6.27 or 7.0.12.
PHP: 5.4.1 - 5.6.12
External linkshttp://bugs.php.net/bug.php?id=73147
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.