K56138200: PHP vulnerability CVE-2016-3078

Security Advisory Description Multiple integer overflows in phpzip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted call to 1 getFromIndex or 2...

Fedora 23 : php-pecl-zip (2016-4f3c77ef90)

Version 1.13.3 - Fixed bug php71923 integer overflow in ZipArchive::getFrom. CVE-2016-3078 Stas - Fixed bug php72258 ZipArchive converts filenames to unrecoverable form. Anatol - Fixed bug php72434 ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize. Dmitry Note th...

SOL56138200 - PHP vulnerability CVE-2016-3078

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

PHP ZIP Archive Heap Overflow (CVE-2016-3078)

A heap overflow vulnerability exists in PHP, due to an integer overflow when reading ZIP files. A remote attacker can exploit this vulnerability by sending a crafted ZIP archive to a web application running a vulnerable version of PHP. A successful attack can result in remote code execution under...