CVE-2019-9020 PHP xmlrpc_decode() Function Invalid Memory Access Vulnerability – 27th Feb 2019

Preface:
xmlrpc_decode — Decodes XML into native PHP types

Vulnerability detail: The vulnerability is due to improper input validation by the xmlrpc_decode() function of the affected software.

Impact: A successful exploit could cause a heap out-of-bounds read or read-after-free condition, which could result in a complete system compromise.

Remedy: PHP has released software updates at the following link: http://php.net/downloads.php

2 thoughts on “CVE-2019-9020 PHP xmlrpc_decode() Function Invalid Memory Access Vulnerability – 27th Feb 2019”

  1. Wonderful work! This is the type of information that should be shared around the internet. Shame on the search engines for not positioning this post higher! Come on over and visit my site . Thanks =)

  2. Great post. I was checking constantly this weblog and I am
    inspired! Extremely useful information specially the ultimate part 🙂 I care for
    such info a lot. I used to be looking for this particular info for
    a long time. Thanks and good luck.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.