Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2016-7480HistoryJan 11, 2017 - 7:59 a.m.
CVE-2016-7480
2017-01-1107:59:00
Debian Security Bug Tracker
security-tracker.debian.org
13
0.005 Low
EPSS
Percentile
75.8%
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | php7.0 | < 7.0.33-0+deb9u8 | php7.0_7.0.33-0+deb9u8_all.deb |
Related
osv
osv
CVE-2016-7480
2017-01-11 07:59:00
kaspersky
kaspersky
ubuntucve
ubuntucve
CVE-2016-7480
2017-01-11 00:00:00
openvas
openvas
PHP < 7.0.12 RCE / DoS Vulnerability - Windows
2021-11-29 00:00:00
PHP < 7.0.12 RCE / DoS Vulnerability - Linux
2021-11-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:0534-1)
2021-06-09 00:00:00
cvelist
cvelist
CVE-2016-7480
2017-01-11 06:45:00
prion
prion
Code injection
2017-01-11 07:59:00
cve
cve
CVE-2016-7480
2017-01-11 07:59:00
redhatcve
redhatcve
CVE-2016-7480
2017-01-25 16:17:50
nvd
nvd
CVE-2016-7480
2017-01-11 07:59:00
nessus
nessus
Amazon Linux AMI : php70 (ALAS-2017-788)
2017-01-27 00:00:00
openSUSE Security Update : php7 (openSUSE-2017-304)
2017-03-07 00:00:00
freebsd
freebsd
PHP -- multiple vulnerabilities
2016-12-27 00:00:00
thn
thn
3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!
2016-12-28 23:45:00
amazon
amazon
Medium: php70
2017-01-26 18:00:00
suse
suse
Security update for php7 (important)
2017-03-02 15:12:04
Security update for php7 (important)
2017-02-22 15:08:24
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45