PHP.Zend.Hash.Destroy.Uninitialized.Pointer.Code.Execution
Description
This indicates an attack attempt against a Code Execution vulnerability in PHP.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted serialized object. A remote attacker may be able to exploit this to execute arbitrary code on the affected systems.
Affected Products
PHP Group PHP 7.0.x up to 7.0.14
PHP Group PHP 7.1.0
Impact
System Compromise: Remote attacker can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version available from the website.
http://php.net/downloads.php
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-06-10 | 14.629 | Severity:high:critical |