SecuritySpace - CVE-2018-19395

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2018-19395

Description: ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2018-19395
BugTraq ID: 105989
http://www.securityfocus.com/bid/105989
https://bugs.php.net/bug.php?id=77177

CVE ID:	CVE-2018-19395
Description:	ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2018-19395 BugTraq ID: 105989 http://www.securityfocus.com/bid/105989 https://bugs.php.net/bug.php?id=77177