Greezybacon

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.4.43 PHP versions 5.5.x prior to 5.5.27 PHP versions 5.6.x prior to 5.6.11 **Description** The issue is caused by a stack-based buffer overflow in the `phar fix filepath` function. This can be exploited by a remote attacker to cause a denial of service or possibly have other impacts by using a large length value that is mishandled by the IMAP PHP extension, for example, through an e-mail attachment. **Recommendations** For PHP versions prior to 5.4.43, update to version 5.4.43 or later. For PHP versions 5.5.x prior to 5.5.27, update to version 5.5.27 or later. For PHP versions 5.6.x prior to 5.6.11, update to version 5.6.11 or later.