PHP 5.5.x < 5.5.33 / 5.6.x < 5.6.19 Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 9174
Synopsis
The remote web server uses a version of PHP that is affected by multiple vulnerabilities.
Description
Versions of PHP 5.5.x prior to 5.5.33, and 5.6.x prior to 5.6.19, are affected by the following issues:
- A use-after-free error exists in the 'php_wddx_pop_element()' function in 'ext/wddx/wddx.c'. The issue is triggered when deserializing crafted WDDX (XML) data. A remote attacker who can supply that data may cause already freed memory to be dereferenced, crashing the process or potentially executing arbitrary code. (OSVDB 135224)
- An out-of-bounds read flaw exists in the 'phar_parse_zipfile()' function in 'ext/phar/zip.c', triggered when parsing a crafted ZIP-based phar archive. A remote attacker may use this to crash the process or to read memory contents that should not be disclosed. (OSVDB 135225)
Solution
Upgrade to PHP version 5.6.19 or later. If moving to 5.6.x is not possible, 5.5.33 also contains the fixes for these vulnerabilities.
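The version ranges above are what a passive monitor such as this plugin matches against the PHP version a web server discloses in its 'Server' or 'X-Powered-By' header. The following is an added example, not part of this advisory or of Nessus, that applies the same check to raw HTTP response headers. The HTTP responses, header values and the 'assess_response' / 'is_affected' helper names are constructed for illustration. It also handles the two cases a banner check gets wrong on its own: a distribution build such as 'PHP/5.6.17-0+deb8u1' may carry a backported fix despite the low upstream number, and a server with 'expose_php' turned off discloses no version at all.

```python
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges stated in the advisory: 5.5.x before 5.5.33 and 5.6.x before 5.6.19.
# Key is the (major, minor) branch, value is the first fixed release on that branch.
FIXED_IN: Dict[Tuple[int, int], Version] = {
    (5, 5): (5, 5, 33),
    (5, 6): (5, 6, 19),
}

# Matches "PHP/5.6.18" and distro-tagged forms such as "PHP/5.6.17-0+deb8u1" or
# "PHP/5.5.9-1ubuntu4.14"; group 4 captures the distro suffix, if any.
_PHP_VERSION_RE = re.compile(r"\bPHP/(\d+)\.(\d+)\.(\d+)([-+~][\w.+~-]*)?")

# Constructed sample responses (not captured from a real host).
SAMPLE_RESPONSES = {
    "affected": ("HTTP/1.1 200 OK\r\nServer: Apache/2.4.10 (Debian)\r\n"
                 "X-Powered-By: PHP/5.6.18\r\nContent-Type: text/html\r\n\r\n<html>"),
    "fixed_55": "HTTP/1.1 200 OK\r\nServer: Apache\r\nX-Powered-By: PHP/5.5.33\r\n\r\n",
    "distro": "HTTP/1.1 200 OK\r\nServer: Apache\r\nX-Powered-By: PHP/5.6.17-0+deb8u1\r\n\r\n",
    "other_branch": "HTTP/1.1 200 OK\r\nServer: Apache/2.4.18 PHP/7.0.3\r\n\r\n",
    "hidden": "HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: text/html\r\n\r\n",
}


def parse_php_version(header_value: str) -> Optional[Tuple[Version, str]]:
    """Return ((major, minor, patch), distro_suffix) found in a header value, or None."""
    m = _PHP_VERSION_RE.search(header_value)
    if m is None:
        return None
    version = (int(m.group(1)), int(m.group(2)), int(m.group(3)))
    return version, (m.group(4) or "")


def is_affected(version: Version) -> Optional[bool]:
    """True if inside an affected range, False if at or past the fix, None if the branch is not covered."""
    fixed = FIXED_IN.get(version[:2])
    if fixed is None:
        return None  # e.g. 5.4.x or 7.0.x: this advisory says nothing about them
    return version < fixed  # tuple comparison is numeric, so 5.6.9 < 5.6.19 holds


def assess_response(raw_response: str) -> dict:
    """Check the Server / X-Powered-By headers of one raw HTTP response against the advisory."""
    head = raw_response.replace("\r\n", "\n").split("\n\n", 1)[0]
    for line in head.splitlines():
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() not in ("server", "x-powered-by"):
            continue
        parsed = parse_php_version(value)
        if parsed is None:
            continue
        version, suffix = parsed
        verdict = is_affected(version)
        note = ""
        if verdict is None:
            note = "branch not covered by this advisory"
        elif verdict and suffix:
            # Distro packages keep the upstream number and backport fixes, so the
            # banner alone cannot prove the host is vulnerable.
            note = "distro build; the fix may have been backported, confirm via the package changelog"
        return {"version": ".".join(map(str, version)), "suffix": suffix,
                "affected": verdict, "note": note}
    return {"version": None, "suffix": "", "affected": None,
            "note": "no PHP version disclosed (expose_php may be off); banner check inconclusive"}


if __name__ == "__main__":
    for label, raw in SAMPLE_RESPONSES.items():
        print(label, assess_response(raw))
```

A banner check of this kind is a triage signal, not proof: the result for a distro-tagged version or for a host that hides its version still has to be confirmed against the installed package, and an affected verdict on an upstream build is resolved by the upgrade in the Solution above.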