Description
Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive.
Remediation
References