CVE-2017-5677

Publication date

2017-02-06 18:00:00

Family

mitre

State

PUBLISHED

Description

PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression.