Vulnerabilities > PHP > PHP > 5.4.31

DATE CVE VULNERABILITY TITLE RISK
2016-07-25 CVE-2016-6288 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP
The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type.
network
low complexity
php CWE-119
critical
 9.8
9.8
2016-05-22 CVE-2016-4543 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
network
low complexity
hp php fedoraproject opensuse CWE-119
critical
 9.8
9.8
2016-05-22 CVE-2016-4542 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
network
low complexity
php opensuse fedoraproject CWE-119
critical
 9.8
9.8
2016-05-22 CVE-2016-4541 The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
network
low complexity
fedoraproject php opensuse
critical
 9.8
9.8
2016-05-22 CVE-2016-4540 The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.
network
low complexity
fedoraproject opensuse php
critical
 9.8
9.8
2016-05-22 CVE-2016-4539 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero.
network
low complexity
php opensuse fedoraproject CWE-119
critical
 9.8
9.8
2016-05-22 CVE-2016-4538 Improper Input Validation vulnerability in multiple products
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
network
low complexity
php fedoraproject opensuse CWE-20
critical
 9.8
9.8
2016-05-22 CVE-2016-4537 Improper Input Validation vulnerability in multiple products
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
network
low complexity
php opensuse fedoraproject CWE-20
critical
 9.8
9.8
2016-05-22 CVE-2016-4343 Access of Uninitialized Pointer vulnerability in multiple products
The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive.
network
php opensuse CWE-824
6.8
6.8
2016-05-22 CVE-2016-4342 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive.
network
opensuse php CWE-119
8.3
8.3