Published: 17/09/2016 Updated: 04/05/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The ZIP signature-verification feature in PHP prior to 5.6.26 and 7.x prior to 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote malicious users to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php php 7.0.10
php php 7.0.0
php php 7.0.7
php php 7.0.8
php php 7.0.3
php php 7.0.4
php php 7.0.1
php php 7.0.2
php php 7.0.9
php php
php php 7.0.5
php php 7.0.6

Synopsis Moderate: rh-php70-php security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for rh-php70-php is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerabilit ...

Several security issues were fixed in PHP ...

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development The vulnerabilities are addressed by upgrading PHP to the new upstream version 5626, which includes additional bug fixes Please refer to the upstream changelog for more information: phpnet/ChangeLog-5php#562 ...

ext/mysqlnd/mysqlnd_wireprotocolc in PHP before 5626 and 7x before 7011 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata (CVE-2016-7412) Use-after-free vulnerability in t ...

ext/standard/var_unserializerre in PHP before 5626 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object (CVE-2016-7411) ext/mysqlnd/mysqlnd_wireprotocolc in PHP b ...

The ZIP signature-verification feature in PHP before 5626 and 7x before 7011 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/utilc and ext/phar ...

SecurityCenter has recently been discovered to have several vulnerabilities Two were reported by external parties while the rest were discovered during internal testing Note that the library vulnerabilities were not fully diagnosed so SecurityCenter may or may not be impacted Tenable opted to upgrade the libraries as it was more efficient Detai ...

CWE-119 https://github.com/php/php-src/commit/0bfb970f43acd1e81d11be1154805f86655f15d5?w=1 http://www.php.net/ChangeLog-7.php http://www.php.net/ChangeLog-5.php http://www.openwall.com/lists/oss-security/2016/09/15/10 https://bugs.php.net/bug.php?id=72928 http://www.securityfocus.com/bid/93004 https://security.gentoo.org/glsa/201611-22 http://www.securitytracker.com/id/1036836 https://www.tenable.com/security/tns-2016-19 https://access.redhat.com/errata/RHSA-2018:1296 https://access.redhat.com/errata/RHSA-2018:1296 https://usn.ubuntu.com/3095-1/https://nvd.nist.gov

CVE-2016-7414

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect