oss-sec mailing list archives
CVE Request: Use after free in PHP Collator::sortWithSortKeys function
From: Emmanuel Law <emmanuel.law () gmail com>
Date: Tue, 22 Dec 2015 23:29:54 +1300
Hi, I reported a use after free in PHP's Intl extension. The vulnerability is in Collator::sortWithSortKeys function. Only Php 7.0.0 is affected. https://bugs.php.net/bug.php?id=71020 This can potentially be remotely exploitable if the sorting function is called on a user supplied array. Not sure If this is CVE worthy. But if so, please assign it one. Thanks.
Current thread:
- CVE Request: Use after free in PHP Collator::sortWithSortKeys function Emmanuel Law (Dec 22)
- Re: CVE Request: Use after free in PHP Collator::sortWithSortKeys function cve-assign (Dec 22)