WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Other Vulnerability (CVE-2015-8876)

Description

Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.

Remediation

References

Related Vulnerabilities

WordPress Plugin WordPress Leads Unspecified Vulnerability (1.6.8)

PHP Numeric Errors Vulnerability (CVE-2007-1001)

WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (7.1.12)

WordPress Plugin Exit Popup Show Cross-Site Scripting (1.0)

WordPress Plugin Mingle Forum Multiple Cross-Site Scripting Vulnerabilities (1.0.33)

Severity

Critical

Classification

CVE-2015-8876 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities