PHP 'phar _ fix_filepath () 'function Stack Buffer Overflow Vulnerability

PHP 'phar _ fix_filepath () 'function Stack Buffer Overflow Vulnerability
PHP 'phar _ fix_filepath () 'function Stack Buffer Overflow Vulnerability

Release date:
Updated on:

Affected Systems:

PHP 5.4.3
PHP 5.4.2
PHP 5.4.1
PHP

Description:

Bugtraq id: 75970
CVE (CAN) ID: CVE-2015-5590

PHP is a widely used scripting language. It is especially suitable for Web development and can be embedded into HTML.

PHP has a buffer overflow and stack overflow vulnerability in the implementation of phar_fix_filepath. Attackers can exploit this vulnerability to execute arbitrary code in the context of the PHP process.

<* Source: Vasyl Kaigorodov
*>

Suggestion:

Vendor patch:

PHP
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.php.net/downloads.php

PHP 7, you deserve it

Experience PHP 7.0 on CentOS 7.x/Fedora 21

Install LNMP in CentOS 6.3 (PHP 5.4, MyySQL5.6)

Nginx startup failure occurs during LNMP deployment.

Ubuntu install Nginx php5-fpm MySQL (LNMP environment setup)

Detailed php hd scanning PDF + CD source code + full set of teaching videos

Configure the php lnmp development environment in CentOS 6

PHP details: click here
PHP: click here

This article permanently updates the link address: