Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_98852
HistoryJan 09, 2019 - 12:00 a.m.

PHP 7.0.x < 7.0.6 Multiple Vulnerabilities

2019-01-0900:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
36
JSON

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.6. It is, therefore, affected by multiple vulnerabilities :

  • A signedness error exists in the GD Graphics library within file gd_gd2.c due to improper validation of user-supplied input when handling compressed GD2 data. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2016-3074)

  • An integer overflow condition exists in ZipArchive in the getFromIndex() and getFromName() functions due to improper validation of user-supplied input when handling specially crafted ZIP files. An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2016-3078)

  • An out-of-bounds read error exists within file ext/intl/grapheme/grapheme_string.c when handling negative offsets in the zif_grapheme_stripos() function. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or disclose memory contents.

  • An out-of-bounds read error exists in the php_str2num() function within file ext/bcmath/bcmath.c when handling negative scales. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the disclosure of memory contents.

  • An out-of-bounds read error exists in the exif_read_data() function within file ext/exif/exif.c when handling exif headers. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the disclosure of memory contents.

  • A flaw exists in the xml_parse_into_struct() function within file ext/xml/xml.c when handling specially crafted XML contents. An unauthenticated, remote attacker can exploit this to cause a denial of service condition.

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

No source data
VendorProductVersionCPE
phpphp*cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Related

zdt 3
openvas 25
debiancve 2
prion 2
myhack58 2
ubuntucve 2
nessus 29
archlinux 1
debian 4
fedora 5
osv 2
packetstorm 3
alpinelinux 1
checkpoint_advisories 2
exploitpack 2
cve 2
f5 4
seebug 1
freebsd 1
mageia 1
slackware 1
threatpost 1
exploitdb 2
gentoo 2
ubuntu 2
cloudfoundry 1
suse 2
amazon 1
cloudlinux 1
veracode 57
redhat 1
rosalinux 1
zdt
zdt
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow
2016-04-28 00:00:00
libgd 2.1.1 - Signedness Heap Overflow
2016-04-26 00:00:00
PHP LibGD Heap Buffer Overflow Exploit
2017-01-17 00:00:00
openvas
openvas
PHP Denial of Service Vulnerability - 01 (Aug 2016) - Windows
2016-08-17 00:00:00
Mageia: Security Advisory (MGASA-2016-0152)
2016-05-09 00:00:00
Debian: Security Advisory (DSA-3556-1)
2016-04-23 00:00:00
debiancve
debiancve
CVE-2016-3078
2016-08-07 10:59:00
CVE-2016-3074
2016-04-26 14:59:00
prion
prion
Integer overflow
2016-08-07 10:59:00
Integer overflow
2016-04-26 14:59:00
myhack58
myhack58
Safety warning: PHP zip component integer overflow remote command execution-vulnerability warning-the black bar safety net
2016-05-09 00:00:00
CVE-2016-3078 PHP ZipArchive Integer Overflow analysis-vulnerability warning-the black bar safety net
2017-03-15 00:00:00
ubuntucve
ubuntucve
CVE-2016-3078
2016-04-29 00:00:00
CVE-2016-3074
2016-04-26 00:00:00
nessus
nessus
Slackware 14.0 / 14.1 / current : php (SSA:2016-120-02)
2016-05-02 00:00:00
Fedora 24 : gd-2.1.1-7.fc24 (2016-0c57b12c7b)
2016-05-09 00:00:00
Juniper Junos libgd Compressed GD2 Data RCE (JSA10798)
2017-07-31 00:00:00
archlinux
archlinux
gd: arbitrary code execution
2016-05-06 00:00:00
debian
debian
[SECURITY] [DSA 3556-1] libgd2 security update
2016-04-24 10:29:29
[SECURITY] [DSA 3556-1] libgd2 security update
2016-04-24 10:29:29
[SECURITY] [DSA 3602-1] php5 security update
2016-06-14 15:43:55
fedora
fedora
[SECURITY] Fedora 23 Update: gd-2.1.1-5.fc23
2016-04-30 00:27:18
[SECURITY] Fedora 24 Update: gd-2.1.1-7.fc24
2016-05-07 12:28:06
[SECURITY] Fedora 22 Update: gd-2.1.1-3.fc22
2016-05-16 14:58:01
osv
osv
libgd2 - security update
2016-04-24 00:00:00
CVE-2016-3074
2016-04-26 14:59:00
packetstorm
packetstorm
PHP LibGD Heap Buffer Overflow
2017-01-17 00:00:00
libgd 2.1.1 Signedness
2016-04-21 00:00:00
PHP 7.x Heap Overflow
2016-04-28 00:00:00
alpinelinux
alpinelinux
CVE-2016-3074
2016-04-26 14:59:00
checkpoint_advisories
checkpoint_advisories
PHP ZIP Archive Heap Overflow (CVE-2016-3078)
2016-05-03 00:00:00
GD Library libgd gd_gd2.c Heap Buffer Overflow (CVE-2016-3074)
2016-05-29 00:00:00
exploitpack
exploitpack
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow
2016-04-28 00:00:00
libgd 2.1.1 - Signedness Heap Overflow
2016-04-26 00:00:00
cve
cve
CVE-2016-3078
2016-08-07 10:59:00
CVE-2016-3074
2016-04-26 14:59:00
f5
f5
K56138200 : PHP vulnerability CVE-2016-3078
2016-05-24 00:00:00
SOL56138200 - PHP vulnerability CVE-2016-3078
2016-05-24 00:00:00
K34958244 : PHP vulnerability CVE-2016-3074
2016-05-31 00:00:00
seebug
seebug
libgd 2.1.1 - Signedness Heap Overflow
2017-01-18 00:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2016-04-28 00:00:00
mageia
mageia
Updated libgd packages fix CVE-2016-3074
2016-04-26 21:02:43
slackware
slackware
[slackware-security] php
2016-04-29 21:57:42
threatpost
threatpost
Juniper Issues Security Alert Tied to Routers and Switches
2017-08-10 13:56:38
exploitdb
exploitdb
libgd 2.1.1 - Signedness Heap Overflow
2016-04-26 00:00:00
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow
2016-04-28 00:00:00
gentoo
gentoo
GD: Multiple vulnerabilities
2016-07-16 00:00:00
PHP: Multiple vulnerabilities
2016-11-30 00:00:00
ubuntu
ubuntu
GD library vulnerabilities
2016-05-31 00:00:00
PHP vulnerabilities
2016-05-24 00:00:00
cloudfoundry
cloudfoundry
USN-2987-1 GD library vulnerabilities | Cloud Foundry
2016-06-13 00:00:00
suse
suse
Security update for php5 (important)
2016-05-11 14:07:47
Security update for php5 (important)
2016-06-11 14:14:42
amazon
amazon
Important: php56, php55
2016-05-03 10:30:00
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:02:26
Arbitrary Code Execution
2019-05-02 06:02:23
Null Pointer Dereference
2019-05-02 06:02:24
redhat
redhat
(RHSA-2016:2750) Moderate: rh-php56 security, bug fix, and enhancement update
2016-11-15 11:13:31
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
JSON
Related for WEB_APPLICATION_SCANNING_98852
zdt3openvas25debiancve2prion2myhack582ubuntucve2nessus29archlinux1debian4fedora5osv2packetstorm3alpinelinux1checkpoint_advisories2exploitpack2cve2f54seebug1freebsd1mageia1slackware1threatpost1exploitdb2gentoo2ubuntu2cloudfoundry1suse2amazon1cloudlinux1veracode57redhat1rosalinux1