php: Int/size_t confusion in SplFileObject::fread

A type confusion issue was found in the SPLFileObject fread function. A remote attacker able to submit a specially crafted input to a PHP application, which uses this function, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application...

CVE-2016-5770

Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...

CVE-2016-5770

Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...

Integer overflow

Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...

CVE-2016-5770

Removed by vendor...

EUVD-2016-6705

Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...

CVE-2016-5770

Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...

CVE-2016-5770

CVE-2016-5770 involves an integer overflow in the SplFileObject::fread function (spl_directory.c) of the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23. The overflow can be triggered by a large integer argument, enabling remote denial of service or other unspecified impact. Root cause...

CVE-2016-5770

A type confusion issue was found in the SPLFileObject fread function. A remote attacker able to submit a specially crafted input to a PHP application, which uses this function, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application...

Internet Bug Bounty: Integer Overflow in SplFileObject::fread

https://bugs.php.net/bug.php?id=72262...

PHP 5.4.x < 5.4.30 Multiple Vulnerabilities

According to its banner, the version of PHP 5.4.x installed on the remote host is a version prior to 5.4.30. It is, therefore, affected by the following vulnerabilities : - Boundary checking errors exist related to the Fileinfo extension, Composite Document Format CDF handling and the functions...