Linux Distros Unpatched Vulnerability : CVE-2016-7478

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zend/zendexceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service infinite loop via a crafted...

SUSE CVE-2016-7478

Zend/zendexceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service infinite loop via a crafted Exception object in serialized data, a related issue to CVE-2015-8876...

SUSE: Security Advisory (SUSE-SU-2017:0568-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:0534-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1545)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2017-1067)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2017-1068)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : php5 (SUSE-SU-2017:0556-1)

This update for php5 fixes the following issues : - CVE-2016-7478: When unserializing untrusted input data, PHP could end up in an infinite loop, causing denial of service bsc1019550 - CVE-2016-10158: The exifconvertanytoint function in ext/exif/exif.c in PHP allowed remote attackers to cause a...

SUSE SLES12 Security Update : php7 (SUSE-SU-2017:0534-1)

This update for php7 fixes the following security issues : - CVE-2016-7480: The SplObjectStorage unserialize implementation in ext/spl/splobserver.c in PHP did not verify that a key is an object, which allowed remote attackers to execute arbitrary code or cause a denial of service uninitialized...

Debian: Security Advisory (DLA-875-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-875-1 : php5 security update

Several issues have been discovered in PHP recursive acronym for PHP: Hypertext Preprocessor, a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. CVE-2016-7478: Zend/zendexceptions.c in PHP allows remote attacke...

[SECURITY] [DLA 875-1] php5 security update

Package : php5 Version : 5.4.45-0+deb7u8 CVE ID : CVE-2016-7478 CVE-2016-7479 CVE-2017-7272 Several issues have been discovered in PHP recursive acronym for PHP: Hypertext Preprocessor, a widely-used open source general-purpose scripting language that is especially suited for web development and...

Security update for php7 (important)

This update for php7 fixes the following security issues: - CVE-2016-7480: The SplObjectStorage unserialize implementation in ext/spl/splobserver.c in PHP did not verify that a key is an object, which allowed remote attackers to execute arbitrary code or cause a denial of service uninitialized...

SUSE SLES11 Security Update : php53 (SUSE-SU-2017:0568-1)

This update for php53 fixes the following security issues : - CVE-2016-7478: When unserializing untrusted input data, PHP could end up in an infinite loop, causing denial of service bsc1019550 - CVE-2016-10158: The exifconvertanytoint function in ext/exif/exif.c in PHP allowed remote attackers to...

Ubuntu 14.04 LTS : PHP vulnerabilities (USN-3196-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3196-1 advisory. It was discovered that PHP incorrectly handled certain arguments to the localegetdisplayname function. A remote attacker could use this issue to cause PH...

USN-3196-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain arguments to the localegetdisplayname function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-9912 It was discovered that PHP incorrectly handled...

CVE-2016-7478

Removed by vendor...

CVE-2016-7478

CVE-2016-7478 affects PHP (including 5.x before 5.6.28 and 7.x before 7.0.13) where a crafted serialized Exception object can trigger an infinite loop in Zend/zend_exceptions.c, leading to denial of service. The vulnerability is triggered during unserialize/exception handling and is related to CV...

CVE-2016-7478

Zend/zendexceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service infinite loop via a crafted Exception object in serialized data, a related issue to CVE-2015-8876...

FreeBSD : PHP -- multiple vulnerabilities (1b61ecef-cdb9-11e6-a9a5-b499baebfeaf)

Check Point reports : ... discovered 3 fresh and previously unknown vulnerabilities CVE-2016-7479, CVE-2016-7480, CVE-2016-7478 in the PHP 7 unserialize mechanism. The first two vulnerabilities allow attackers to take full control over servers, allowing them to do anything they want with the...