PHP 'zend _ HASH_IF_FULL_DO_RESIZE () 're-exploits the memory corruption vulnerability after being released
PHP 'zend _ HASH_IF_FULL_DO_RESIZE () 're-exploits the memory corruption vulnerability after being released
Release date:
Updated on:
Affected Systems:
PHP
Description:
Bugtraq id: 76318
PHP is a widely used scripting language. It is especially suitable for Web development and can be embedded into HTML.
PHP implements 'zend _ HASH_IF_FULL_DO_RESIZE () 'and re-exploits the Memory Corruption Vulnerability. After successful exploitation, attackers can execute arbitrary code in the context of the affected application.
<* Source: niubl
*>
Suggestion:
Vendor patch:
PHP
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.php.net/downloads.php
PHP 7, you deserve it
Experience PHP 7.0 on CentOS 7.x/Fedora 21
Install LNMP in CentOS 6.3 (PHP 5.4, MyySQL5.6)
Nginx startup failure occurs during LNMP deployment.
Ubuntu install Nginx php5-fpm MySQL (LNMP environment setup)
Detailed php hd scanning PDF + CD source code + full set of teaching videos
Configure the php lnmp development environment in CentOS 6
PHP details: click here
PHP: click here
This article permanently updates the link address: