Vulnerabilities > PHP

DATE CVE VULNERABILITY TITLE RISK
2016-08-07 CVE-2016-3078 Integer Overflow or Wraparound vulnerability in PHP
Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class.
network
low complexity
php CWE-190
critical
9.8
2016-08-07 CVE-2015-8935 Cross-site Scripting vulnerability in PHP
The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function.
network
low complexity
php CWE-79
6.1
2016-07-25 CVE-2016-6297 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP
Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL.
network
low complexity
php CWE-119
8.8
2016-07-25 CVE-2016-6296 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP
Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function.
network
low complexity
php CWE-119
critical
9.8
2016-07-25 CVE-2016-6295 Use After Free vulnerability in PHP
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773.
network
low complexity
php CWE-416
critical
9.8
2016-07-25 CVE-2016-6294 Out-of-bounds Read vulnerability in PHP
The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument.
network
low complexity
php CWE-125
critical
9.8
2016-07-25 CVE-2016-6292 NULL Pointer Dereference vulnerability in PHP
The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image.
network
low complexity
php CWE-476
6.5
2016-07-25 CVE-2016-6291 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP
The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image.
network
low complexity
php CWE-119
critical
9.8
2016-07-25 CVE-2016-6290 Use After Free vulnerability in PHP
ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization.
network
low complexity
php CWE-416
critical
9.8
2016-07-25 CVE-2016-6289 Integer Overflow or Wraparound vulnerability in PHP
Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive.
local
low complexity
php CWE-190
7.8