PHP · PHP · CVE-2016-9935
**Name of the Vulnerable Software and Affected Versions**
PHP versions prior to 5.6.29
PHP versions 7.x prior to 7.0.14
**Description**
The issue is in the `php_wddx_push_element` function, which allows remote attackers to cause a denial of service or possibly have other impacts via an empty boolean element in a wddxPacket XML document. This can lead to an out-of-bounds read and memory corruption. The vulnerability is caused by a buffer over-read.
**Recommendations**
For PHP versions prior to 5.6.29, update to version 5.6.29 or later.
For PHP versions 7.x prior to 7.0.14, update to version 7.0.14 or later.
As a temporary workaround, consider restricting the use of the `php_wddx_push_element` function until a patch is available. Avoid using empty boolean elements in wddxPacket XML documents to minimize the risk of exploitation.
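
One way to apply the second workaround is to screen incoming packets for empty boolean elements before they are decoded. The PHP below is an added example, not code from the PHP project or from this advisory; the helper name `wddx_packet_problems`, the sample packets, and the reading of "empty" as a `boolean` element lacking a `true`/`false` `value` attribute are assumptions.

```php
<?php
// Added example (hypothetical helper). Returns the reasons to reject a packet;
// an empty array means it passed. Assumption: "empty boolean" = no true/false value.
function wddx_packet_problems($xml)
{
    if (!is_string($xml) || trim($xml) === '') {
        return array('empty input');
    }
    // Refuse entity declarations instead of letting a parser expand them.
    if (stripos($xml, '<!ENTITY') !== false) {
        return array('entity declaration present');
    }
    $previous = libxml_use_internal_errors(true);
    libxml_clear_errors();
    $problems = array();
    $rootName = null;
    $reader = new XMLReader();
    if (!$reader->XML($xml, null, LIBXML_NONET)) {
        $problems[] = 'could not open document';
    } else {
        // @ silences the PHP-level warning read() raises on malformed input;
        // the libxml errors themselves are collected and checked below.
        while (@$reader->read()) {
            if ($reader->nodeType !== XMLReader::ELEMENT) {
                continue;
            }
            if ($reader->depth === 0) {
                $rootName = $reader->name;
            }
            $value = $reader->getAttribute('value');
            if ($reader->name === 'boolean' && $value !== 'true' && $value !== 'false') {
                $problems[] = 'boolean element without a true/false value';
            }
        }
        if (libxml_get_errors()) {
            $problems[] = 'malformed XML';
        }
        if ($rootName !== 'wddxPacket') {
            $problems[] = 'root element is not wddxPacket';
        }
        $reader->close();
    }
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    return $problems;
}
// Constructed sample packets: the first is well formed, the second has an empty boolean.
$ok  = "<wddxPacket version='1.0'><header/><data><boolean value='true'/></data></wddxPacket>";
$bad = "<wddxPacket version='1.0'><header/><data><boolean/></data></wddxPacket>";
foreach (array($ok, $bad) as $doc) { var_dump(wddx_packet_problems($doc)); }
```

Call the helper before a document reaches WDDX deserialization and reject the request when the returned list is not empty. It screens input on hosts that cannot be updated yet and does not replace the upgrade to 5.6.29 or 7.0.14.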