Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.
https://bugs.php.net/bug.php?id=70168
https://bugs.php.net/bug.php?id=70155
http://www.php.net/ChangeLog-5.php
https://bugs.php.net/bug.php?id=70166
https://bugs.php.net/bug.php?id=70169
http://www.openwall.com/lists/oss-security/2015/08/19/3
http://www.securityfocus.com/bid/76737
Source: MITRE
Published: 2016-01-19
Updated: 2022-08-05
Type: CWE-416
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
Base Score: 7.3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Impact Score: 3.4
Exploitability Score: 3.9
Severity: HIGH