CVE-2015-7804 | PHP up to 5.5.29/5.6.13 PHAR Archive ext/phar/zip.c phar_parse_zipfile off-by-one (Bug 70433)

Inserito da Angelo Barbosa | Mag 12, 2025 | CVE

A vulnerability was found in PHP up to 5.5.29/5.6.13. It has been classified as critical. This affects the function phar_parse_zipfile of the file ext/phar/zip.c of the component PHAR Archive Handler. The manipulation leads to off-by-one.

This vulnerability is uniquely identified as CVE-2015-7804. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2015-7804 | PHP up to 5.5.29/5.6.13 PHAR Archive ext/phar/zip.c phar_parse_zipfile off-by-one (Bug 70433)

Post correlati

CVE-2024-37849 | itsourcecode Billing System 1.0 process.php username sql injection

CVE-2024-40675 | Google Android 12/12L/13/14 Intent.java parseUriInternal denial of service

CVE-2023-47712 | IBM Security Guardium 11.3/11.4/11.5/12.0 improper ownership management (XFDB-271527)

CVE-2024-5815 | GitHub Enterprise Server up to 3.9.16/3.10.13/3.11.11/3.12.5/3.13.0 cross-site request forgery