PHP ZipArchive::getArchiveComment() NULL Pointer Dereference Denial Of Service Vulnerability
Gravedad: Medio
Fecha recomendada: 31 de mayo de 2016
Descripción
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1005434