Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2016-5385

🗓️ 19 Jul 2016 01:00:00Reported by redhatType 
cve
 cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 399 Views

PHP 7.0.8 does not address RFC 3875 section 4.1.18, leading to potential HTTP_PROXY environment variable manipulation

Related
Detection
Refs
Social
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Release of QRadar 7.2.8 Patch 4 (7.2.8.20170224202650) Updated w/Security Bulletins
10 May 201914:29
ibm
IBM Security Bulletins		Security Bulletin: A vulnerability in PHP affects PowerKVM (CVE-2016-5385)
18 Jun 201801:33
ibm
IBM Security Bulletins		Security Bulletin: Vulnerabilities in Apache Tomcat affect the IBM FlashSystem models 840 and 900
18 Feb 202301:45
ibm
IBM Security Bulletins		Security Bulletin: Vulnerabilities in Apache Tomcat affect the IBM FlashSystem model V840
18 Jun 201800:32
ibm
IBM Security Bulletins		Security Bulletin: Multiple security issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On
16 Jun 201820:06
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities affecting web servers that run code in a CGI or CGI-like context affects IBM API Connect (CVE-2016-5385, CVE-2016-1000105)
15 Jun 201807:06
ibm
IBM Security Bulletins		Security Bulletin: IBM QRadar SIEM is vulnerable to various CGI vulnerabilities. (CVE-2016-5385, CVE-2016-5387, CVE-2016-5388)
16 Jun 201821:48
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in Apache Tomcat affect SAN Volume Controller, Storwize family and FlashSystem V9000 products
29 Mar 202301:48
ibm
Tenable Nessus		PHP 5.5.x < 5.5.38 / 5.6.x < 5.6.24 / 7.0.x < 7.0.9 Multiple Vulnerabilities
5 Aug 201600:00
nessus
Tenable Nessus		Amazon Linux AMI : php55 / php56 (ALAS-2016-728) (httpoxy)
2 Aug 201600:00
nessus
Rows per page
NVD
Node
oraclecommunications_user_data_repositoryMatch10.0.0
OR
oraclecommunications_user_data_repositoryMatch10.0.1
OR
oraclecommunications_user_data_repositoryMatch12.0.0
OR
oracleenterprise_manager_ops_centerMatch12.2.2
OR
oracleenterprise_manager_ops_centerMatch12.3.2
OR
oraclelinuxMatch6-
OR
oraclelinuxMatch7-
Node
fedoraprojectfedoraMatch23
OR
fedoraprojectfedoraMatch24
Node
hpstoreever_msl6480_tape_library_firmwareRange5.09
AND
hpstoreever_msl6480_tape_libraryMatch-
Node
hpsystem_management_homepageRange7.5.5.0
Node
phpphpRange5.5.05.5.38
OR
phpphpRange5.6.05.6.24
OR
phpphpRange7.0.07.0.8
Node
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_workstationMatch6.0
Node
debiandebian_linuxMatch8.0
Node
opensuseleapMatch42.1
Node
drupaldrupalRange8.0.08.1.7

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 May 2026 22:30Current
8High risk
Vulners AI Score8
CVSS 25.1
CVSS 3.18.1
EPSS0.83504
CWE-601
phpcve-2016-5385httpoxysecurityvulnerability
399