Lucene search

K
cveMitreCVE-2016-4071
HistoryMay 20, 2016 - 11:00 a.m.

CVE-2016-4071

2016-05-2011:00:15
CWE-20
mitre
web.nvd.nist.gov
192
cve
php
vulnerability
format string
remote code execution
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8

Confidence

Low

EPSS

0.493

Percentile

97.5%

Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.

Affected configurations

Nvd
Node
phpphpMatch5.6.0alpha1
OR
phpphpMatch5.6.0alpha2
OR
phpphpMatch5.6.0alpha3
OR
phpphpMatch5.6.0alpha4
OR
phpphpMatch5.6.0alpha5
OR
phpphpMatch5.6.0beta1
OR
phpphpMatch5.6.0beta2
OR
phpphpMatch5.6.0beta3
OR
phpphpMatch5.6.0beta4
OR
phpphpMatch5.6.1
OR
phpphpMatch5.6.2
OR
phpphpMatch5.6.3
OR
phpphpMatch5.6.4
OR
phpphpMatch5.6.5
OR
phpphpMatch5.6.6
OR
phpphpMatch5.6.7
OR
phpphpMatch5.6.8
OR
phpphpMatch5.6.9
OR
phpphpMatch5.6.10
OR
phpphpMatch5.6.11
OR
phpphpMatch5.6.12
OR
phpphpMatch5.6.13
OR
phpphpMatch5.6.14
OR
phpphpMatch5.6.15
OR
phpphpMatch5.6.16
OR
phpphpMatch5.6.17
OR
phpphpMatch5.6.18
OR
phpphpMatch5.6.19
Node
applemac_os_xRange10.11.4
Node
phpphpMatch5.5.0
OR
phpphpMatch5.5.0alpha1
OR
phpphpMatch5.5.0alpha2
OR
phpphpMatch5.5.0alpha3
OR
phpphpMatch5.5.0alpha4
OR
phpphpMatch5.5.0alpha5
OR
phpphpMatch5.5.0alpha6
OR
phpphpMatch5.5.0beta1
OR
phpphpMatch5.5.0beta2
OR
phpphpMatch5.5.0beta3
OR
phpphpMatch5.5.0beta4
OR
phpphpMatch5.5.0rc1
OR
phpphpMatch5.5.0rc2
OR
phpphpMatch5.5.1
OR
phpphpMatch5.5.2
OR
phpphpMatch5.5.3
OR
phpphpMatch5.5.4
OR
phpphpMatch5.5.5
OR
phpphpMatch5.5.6
OR
phpphpMatch5.5.7
OR
phpphpMatch5.5.8
OR
phpphpMatch5.5.9
OR
phpphpMatch5.5.10
OR
phpphpMatch5.5.11
OR
phpphpMatch5.5.12
OR
phpphpMatch5.5.13
OR
phpphpMatch5.5.14
OR
phpphpMatch5.5.15
OR
phpphpMatch5.5.16
OR
phpphpMatch5.5.17
OR
phpphpMatch5.5.18
OR
phpphpMatch5.5.19
OR
phpphpMatch5.5.20
OR
phpphpMatch5.5.21
OR
phpphpMatch5.5.22
OR
phpphpMatch5.5.23
OR
phpphpMatch5.5.24
OR
phpphpMatch5.5.25
OR
phpphpMatch5.5.26
OR
phpphpMatch5.5.27
OR
phpphpMatch5.5.29
OR
phpphpMatch5.5.30
OR
phpphpMatch5.5.31
OR
phpphpMatch5.5.32
OR
phpphpMatch5.5.33
Node
phpphpMatch7.0.0
OR
phpphpMatch7.0.1
OR
phpphpMatch7.0.2
OR
phpphpMatch7.0.3
OR
phpphpMatch7.0.4
VendorProductVersionCPE
phpphp5.6.0cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
phpphp5.6.0cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
phpphp5.6.0cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
phpphp5.6.0cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
phpphp5.6.0cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
phpphp5.6.0cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
phpphp5.6.0cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
phpphp5.6.0cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
phpphp5.6.0cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
phpphp5.6.1cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 791

References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8

Confidence

Low

EPSS

0.493

Percentile

97.5%