FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PHP -- multiple vulnerabilities

Affected packages
		php70	<	7.0.14

Details

VuXML ID	6972668d-cdb7-11e6-a9a5-b499baebfeaf
Discovery	2016-12-08
Entry	2016-12-29

The PHP project reports:

Use After Free Vulnerability in unserialize() (CVE-2016-9936)

Invalid read when wddx decodes empty boolean element (CVE-2016-9935)

[source]

References

CVE Name	CVE-2016-9935
CVE Name	CVE-2016-9936
URL	http://php.net/ChangeLog-7.php#7.0.14

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.