9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
7.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.089 Low
EPSS
Percentile
94.4%
01/19/2016
Critical
Obsolete version of PHP was found in XAMPP & WAMP. Details about PHP vulnerabilities you can get at KLA10746.
PHP 7 versions earlier than 7.0.2
PHP 5.6 versions earlier than 5.6.17
PHP versions earlier than 5.5.31
Update XAMPP or WAMP if vendor released corresponding patch or update PHP module individually.
WAMP downloads page
XAMPP downloads page
ACE
CVE-2016-19047.5Critical
CVE-2016-19036.4High
CVE-2015-86167.5Critical
CVE-2015-68367.5Critical
CVE-2015-68335.0Warning
CVE-2015-68327.5Critical
CVE-2015-68317.5Critical
CVE-2015-65277.5Critical
CVE-2015-55907.5Critical
www.wampserver.com/en/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5590
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6527
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6831
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6833
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8616
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1903
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1904
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/PHP/
www.apachefriends.org/download.html
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
7.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.089 Low
EPSS
Percentile
94.4%