Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch.

OSVersionArchitecturePackageVersionFilename
Debian9allphp7.0< 7.0.33-0+deb9u8php7.0_7.0.33-0+deb9u8_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	all	php7.0	< 7.0.33-0+deb9u8	php7.0_7.0.33-0+deb9u8_all.deb

osv 3

prion 1

nvd 1

cvelist 1

cve 1

veracode 2

ubuntucve 1

redhatcve 1

github 1

openvas 17

nessus 27

debian 3

mageia 1

gentoo 1

amazon 2

slackware 1

suse 4

ubuntu 3

cloudfoundry 1

redhat 1

cloudlinux 1

apple 2

rosalinux 1

osv

CVE-2016-10160

2017-01-24 21:59:00

php5 - security update

2017-02-08 00:00:00

php5 - security update

2017-02-07 00:00:00

prion

Memory corruption

2017-01-24 21:59:00

nvd

CVE-2016-10160

2017-01-24 21:59:00

cvelist

CVE-2016-10160

2017-01-24 21:00:00

cve

CVE-2016-10160

2017-01-24 21:59:00

veracode

Arbitrary Code Execution

2019-05-16 02:59:57

Use After Free

2019-05-16 02:59:58

ubuntucve

CVE-2016-10160

2017-01-24 00:00:00

redhatcve

CVE-2016-10160

2017-02-03 12:49:32

github

ICYMI: improved C++ vulnerability coverage and CodeQL support for Lombok

2023-10-19 19:14:39

openvas

PHP Multiple Denial of Service Vulnerabilities - 02 (Jan 2017) - Linux

2017-01-25 00:00:00

PHP Multiple Denial of Service Vulnerabilities - 02 (Jan 2017) - Windows

2017-01-25 00:00:00

Debian Security Advisory DSA 3783-1 (php5 - security update)

2017-02-08 00:00:00

nessus

Debian DSA-3783-1 : php5 - security update

2017-02-09 00:00:00

PHP 5.6.x < 5.6.30 Multiple DoS

2019-01-09 00:00:00

GLSA-201702-29 : PHP: Multiple vulnerabilities

2017-02-21 00:00:00

debian

[SECURITY] [DSA 3783-1] php5 security update

2017-02-09 02:28:30

[SECURITY] [DSA 3783-1] php5 security update

2017-02-09 02:28:30

[SECURITY] [DLA 818-1] php5 security update

2017-02-07 16:25:20

mageia

Updated php packages fix security vulnerabilities

2017-02-04 21:41:12

gentoo

PHP: Multiple vulnerabilities

2017-02-21 00:00:00

amazon

Medium: php56

2017-03-28 23:30:00

Medium: php70

2017-03-29 20:15:00

slackware

[slackware-security] php

2017-02-10 20:41:10

suse

Security update for php53 (important)

2017-02-27 18:08:46

Security update for php5 (important)

2017-02-23 15:08:17

Security update for php7 (important)

2017-03-02 15:12:04

ubuntu

PHP vulnerabilities

2017-02-14 00:00:00

PHP regression

2017-03-02 00:00:00

PHP vulnerabilities

2017-02-23 00:00:00

cloudfoundry

Multiple PHP vulnerabilities | Cloud Foundry

2017-03-17 00:00:00

redhat

(RHSA-2018:1296) Moderate: rh-php70-php security, bug fix, and enhancement update

2018-05-03 03:21:11

cloudlinux

Fix of 227 CVE

2020-10-15 12:00:00

apple

About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite - Apple Support

2017-08-29 02:52:03

About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite

2017-03-27 00:00:00

rosalinux

Advisory ROSA-SA-2021-1950

2021-07-02 17:57:45

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.024 Low

EPSS

Percentile

89.9%

JSON

Related for DEBIANCVE:CVE-2016-10160