Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
PHP 'phar/tar.c' Heap Buffer Overflow Vulnerability (Windows)
Information
Severity
Severity
High
Family
Family
Buffer overflow
CVSSv2 Base
CVSSv2 Base
7.5
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Solution Type
Solution Type
Vendor Patch
Created
Created
11 years ago
Modified
Modified
5 years ago
Summary
This host is running PHP and is prone to heap buffer overflow vulnerability.
Insight
Insight
Flaw related to overflow in phar_parse_tarfile()function in ext/phar/tar.c in the phar extension.
Affected Software
Affected Software
PHP version before 5.3.14 and 5.4.x before 5.4.4
Solution
Solution
Upgrade to PHP 5.4.4 or 5.3.14 or later.