CVE-2014-8142 PoC — PHP‘process_nested_data’函数释放后重用漏洞

Source

https://github.com/3xp10it/php_cve-2014-8142_cve-2015-0231

Associated Vulnerability

Title:PHP‘process_nested_data’函数释放后重用漏洞 (CVE-2014-8142)
Description:PHP（PHP：Hypertext Preprocessor，PHP：超文本预处理器）是PHP Group和开放源代码社区共同维护的一种开源的通用计算机脚本语言。该语言主要用于Web开发，支持多种数据库及操作系统。 PHP的ext/standard/var_unserializer.re文件中的‘process_nested_data’函数中存在释放后重用漏洞。远程攻击者可借助特制的非序列化调用利用该漏洞执行任意代码。以下版本受到影响：PHP 5.4.36之前版本，5.5.20之前5.5.x版本，5.6.

Description

php_cve-2014-8142_cve-2015-0231的漏洞环境docker

File Snapshot


 [4.0K]  /data/pocs/8a06f0e8afda4ab0a7fe7d3b902a1dcf09a03961
└── [ 198]  Dockerfile

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!