Off-by-one error in the phar_parse_zipfile function in ext/phar/zip.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (uninitialized pointer dereference and application crash) by including the / filename in a .zip PHAR archive.
2015-12-11T12:00:12.307
2025-04-12T10:46:40.837
Deferred
CVSSv2: 6.8 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.6
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | apple | mac_os_x | ≤ 10.11.1 | Yes |
| Application | php | php | ≤ 5.5.29 | Yes |
| Application | php | php | 5.6.0 | Yes |
| Application | php | php | 5.6.1 | Yes |
| Application | php | php | 5.6.2 | Yes |
| Application | php | php | 5.6.3 | Yes |
| Application | php | php | 5.6.4 | Yes |
| Application | php | php | 5.6.5 | Yes |
| Application | php | php | 5.6.6 | Yes |
| Application | php | php | 5.6.7 | Yes |
| Application | php | php | 5.6.8 | Yes |
| Application | php | php | 5.6.9 | Yes |
| Application | php | php | 5.6.10 | Yes |
| Application | php | php | 5.6.11 | Yes |
| Application | php | php | 5.6.12 | Yes |
| Application | php | php | 5.6.13 | Yes |