PHP 7 Unserialization Use-After-Free Vulnerability

PHP 7 Unserialization Use-After-Free Vulnerability

CVE-2016-7479 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.

Learn more about our Web Application Penetration Testing UK.