CVE-2015-8878

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.5.28 PHP versions 5.6.x prior to 5.6.12

Description The issue is caused by errors in synchronization when using a shared resource in the main/php open temporary file.c function of the PHP interpreter. This allows remote attackers to cause a denial of service by exploiting a race condition and heap memory corruption, leveraging an application that performs many temporary-file accesses.

Recommendations For PHP versions prior to 5.5.28, update to version 5.5.28 or later. For PHP versions 5.6.x prior to 5.6.12, update to version 5.6.12 or later.