NULL pointer dereference vulnerability in PHP - CVE-2016-10162| ID: oval:org.secpod.oval:def:76702 | Date: (C)2021-12-31 (M)2023-12-20 |
| Class: VULNERABILITY | Family: windows |
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call.
| Platform: |
| Microsoft Windows 7 |
| Microsoft Windows 8.1 |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Server 2012 R2 |
| Microsoft Windows 10 |
| Microsoft Windows 11 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows Server 2016 |
| Microsoft Windows Server 2019 |
| Microsoft Windows Server 2022 |
