bcpowmod accepts negative scale and corrupts _one_ definition

Disclosed: 2019-10-13 18:11:23 By fms To ibb

Unknown

Vulnerability Details

https://bugs.php.net/bug.php?id=72093 Two issues reported on the same bug, bcpowermod accepts a negative value which also is able to corrupt the one definition and leads to memory corruption problems. Reported to developers on 2016-04-24, fixed 2016-04-25 and released at 2016-04-28, affected PHP 5.5 , 5.6 and 7. http://php.net/ChangeLog-5.php#5.5.35 http://php.net/ChangeLog-5.php#5.6.21 http://php.net/ChangeLog-7.php#7.0.6

Actions

View on HackerOne

Report Stats

Report ID: 135293
State: Closed
Substate: resolved
Upvotes: 1

bcpowmod accepts negative scale and corrupts _one_ definition

Vulnerability Details

Actions

Report Stats

Share this report