漏洞类别:OEL
漏洞等级: 
漏洞信息
Oracle Enterprise Linux has released security update for php to fix the vulnerabilities.
Affected Products:
Oracle Linux 7
漏洞危害
An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vulnerable function, could cause the application to crash or execute arbitrary code with the permissions of the user running the PHP application.
解决方案
To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisoryOracle Linux 7 for updates and patch information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论