CVE-2016-10159

2017-01-24T21:59:00
ID CVE-2016-10159
Type cve
Reporter cve@mitre.org
Modified 2018-05-04T01:29:00

Description

Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive.