Vulnerability CVE-2017-5677

Vulnerability CVE-2017-5677

Published: 2017-02-06

Description:

	Topic	Author	Date
High	PEAR HTML_AJAX <= 0.5.7 (PHP Serializer) PHP Object Injection Vulnerability	Egidio Romano	06.02.2017

Type:

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Affected software
PEAR -> Html ajax

http://blog.pear.php.net/2017/02/02/security-html_ajax-058/

http://karmainsecurity.com/KIS-2017-01

http://seclists.org/fulldisclosure/2017/Feb/12

http://www.securityfocus.com/bid/96044

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f5acb5adcd195f9a06b732794cb0de7620def646

https://pear.php.net/bugs/bug.php?id=21165