Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2016-7479
HistoryJan 12, 2017 - 12:59 a.m.

CVE-2016-7479

2017-01-1200:59:00
Debian Security Bug Tracker
security-tracker.debian.org
6

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

In all versions of PHP 7, during the unserialization process, resizing the ‘properties’ hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.

OSVersionArchitecturePackageVersionFilename
Debian9allphp7.0< 7.0.33-0+deb9u8php7.0_7.0.33-0+deb9u8_all.deb

Related

prion 1
ubuntucve 2
f5 1
osv 3
checkpoint_advisories 1
redhatcve 1
cve 1
nessus 12
freebsd 1
openvas 5
thn 1
debian 1
amazon 1
cloudfoundry 1
ubuntu 3
suse 2
redhat 1
veracode 1
prion
prion
Code injection
2017-01-12 00:59:00
ubuntucve
ubuntucve
CVE-2016-7479
2017-01-11 00:00:00
CVE-2016-9138
2017-01-04 00:00:00
f5
f5
K05918709 : PHP vulnerability CVE-2016-7479
2017-03-14 00:00:00
osv
osv
CVE-2016-7479
2017-01-12 00:59:00
php5 - security update
2017-03-28 00:00:00
php5 - security update
2017-02-08 00:00:00
checkpoint_advisories
checkpoint_advisories
PHP 7 Unserialization Malicious toString Remote Code Execution (CVE-2016-7479)
2016-10-18 00:00:00
redhatcve
redhatcve
CVE-2016-7479
2017-01-12 15:17:50
cve
cve
CVE-2016-7479
2017-01-12 00:59:00
nessus
nessus
FreeBSD : PHP -- multiple vulnerabilities (1b61ecef-cdb9-11e6-a9a5-b499baebfeaf)
2017-01-05 00:00:00
Debian DLA-875-1 : php5 security update
2017-03-28 00:00:00
PHP 7.1.x < 7.1.1 Multiple Vulnerabilities
2019-01-09 00:00:00
freebsd
freebsd
PHP -- multiple vulnerabilities
2016-12-27 00:00:00
openvas
openvas
Debian LTS: Security Advisory for php5 (DLA-875-1)
2018-01-12 00:00:00
Ubuntu Update for php7.0 USN-3211-1
2017-02-24 00:00:00
Ubuntu Update for php7.0 USN-3211-2
2017-03-03 00:00:00
thn
thn
3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!
2016-12-28 23:45:00
debian
debian
[SECURITY] [DLA 875-1] php5 security update
2017-03-27 23:05:29
amazon
amazon
Medium: php70
2017-03-29 20:15:00
cloudfoundry
cloudfoundry
Multiple PHP vulnerabilities | Cloud Foundry
2017-03-17 00:00:00
ubuntu
ubuntu
PHP regression
2017-03-02 00:00:00
PHP vulnerabilities
2017-02-23 00:00:00
PHP vulnerabilities
2017-02-14 00:00:00
suse
suse
Security update for php7 (important)
2017-02-22 15:08:24
Security update for php7 (important)
2017-03-02 15:12:04
redhat
redhat
(RHSA-2018:1296) Moderate: rh-php70-php security, bug fix, and enhancement update
2018-05-03 03:21:11
veracode
veracode
Use After Free
2019-05-16 02:59:58

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for DEBIANCVE:CVE-2016-7479
prion1ubuntucve2f51osv3checkpoint_advisories1redhatcve1cve1nessus12freebsd1openvas5thn1debian1amazon1cloudfoundry1ubuntu3suse2redhat1veracode1