USN-2786-1: PHP vulnerabilities

28 October 2015

PHP could be made to crash if it processed a specially crafted file.

Releases

Packages

  • php5 - HTML-embedded scripting language interpreter

Details

It was discovered that the PHP phar extension incorrectly handled certain
files. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service. (CVE-2015-7803, CVE-2015-7804)