PHP TAR File Parsing Uninitialized Reference (CVE-2016-4343)

An uninitialized reference vulnerability exists in PHP. A remote attacker can exploit this vulnerability by uploading a crafted TAR file to a vulnerable PHP application. A successful attack will result in remote code execution under the context of the service running PHP. Unsuccessful exploitation will cause the web application to terminate abnormally.

Leave a Reply