Lucene search
GoogleOSV:CVE-2016-7480HistoryJan 11, 2017 - 7:59 a.m.
CVE-2016-7480
2017-01-1107:59:00
Google
osv.dev
2
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data.
References
blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7
blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf
php.net/ChangeLog-7.php
www.securityfocus.com/bid/95152
bugs.php.net/bug.php?id=73257
github.com/php/php-src/commit/61cdd1255d5b9c8453be71aacbbf682796ac77d4
security.netapp.com/advisory/ntap-20180112-0001/
www.youtube.com/watch?v=LDcaPstAuPk
Related
debiancve
debiancve
CVE-2016-7480
2017-01-11 07:59:00
kaspersky
kaspersky
prion
prion
Code injection
2017-01-11 07:59:00
ubuntucve
ubuntucve
CVE-2016-7480
2017-01-11 00:00:00
openvas
openvas
PHP < 7.0.12 RCE / DoS Vulnerability - Windows
2021-11-29 00:00:00
PHP < 7.0.12 RCE / DoS Vulnerability - Linux
2021-11-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:0534-1)
2021-06-09 00:00:00
cvelist
cvelist
CVE-2016-7480
2017-01-11 06:45:00
cve
cve
CVE-2016-7480
2017-01-11 07:59:00
redhatcve
redhatcve
CVE-2016-7480
2017-01-25 16:17:50
nvd
nvd
CVE-2016-7480
2017-01-11 07:59:00
nessus
nessus
Amazon Linux AMI : php70 (ALAS-2017-788)
2017-01-27 00:00:00
SUSE SLES12 Security Update : php7 (SUSE-SU-2017:0534-1)
2019-01-02 00:00:00
freebsd
freebsd
PHP -- multiple vulnerabilities
2016-12-27 00:00:00
thn
thn
3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!
2016-12-28 23:45:00
amazon
amazon
Medium: php70
2017-01-26 18:00:00
suse
suse
Security update for php7 (important)
2017-03-02 15:12:04
Security update for php7 (important)
2017-02-22 15:08:24
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45