SB2017090108 - Multiple vulnerabilities in PHP
Published: September 1, 2017 Updated: September 18, 2017
Security Bulletin ID
SB2017090108
Severity
Medium
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Heap use-after-free error (CVE-ID: CVE-2017-12932)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to improper use of the hash API for key deletion in a situation with an invalid array size. A remote attacker can use untrusted data to trigger heap use-after-free error in ext/standard/var_unserializer.re and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
2) Deserialization of untrusted data (CVE-ID: N/A)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of the user-input within unserialize () function. A remote attacker with ability to control input data can trigger denial of service (DoS) attack.
Remediation
Install update from vendor's website.