CVE-2016-4538

2016-05-22T01:59:00
ID CVE-2016-4538
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:27:00

Description

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the zero, one, or two global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.