Vulnerabilities > PHP

DATE CVE VULNERABILITY TITLE RISK
2016-09-12 CVE-2016-7127 Out-of-bounds Write vulnerability in PHP
The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments.
network
low complexity
php CWE-787
critical
9.8
2016-09-12 CVE-2016-7126 Out-of-bounds Write vulnerability in PHP
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument.
network
low complexity
php CWE-787
critical
9.8
2016-09-12 CVE-2016-7125 Injection vulnerability in PHP
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection.
network
low complexity
php CWE-74
7.5
2016-09-12 CVE-2016-7124 Deserialization of Untrusted Data vulnerability in PHP
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.
network
low complexity
php CWE-502
critical
9.8
2016-08-12 CVE-2016-6207 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.
network
low complexity
libgd debian opensuse php CWE-190
6.5
2016-08-07 CVE-2016-5773 Use After Free vulnerability in PHP
php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object.
network
low complexity
php CWE-416
critical
9.8
2016-08-07 CVE-2016-5772 Double Free vulnerability in multiple products
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.
network
low complexity
php suse opensuse debian CWE-415
critical
9.8
2016-08-07 CVE-2016-5771 Use After Free vulnerability in multiple products
spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data.
network
low complexity
php opensuse debian CWE-416
critical
9.8
2016-08-07 CVE-2016-5770 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096.
network
low complexity
php opensuse debian CWE-190
critical
9.8
2016-08-07 CVE-2016-5769 Integer Overflow or Wraparound vulnerability in PHP
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions.
network
low complexity
php CWE-190
critical
9.8