Lucene search
PRIOn knowledge basePRION:CVE-2016-7413HistorySep 17, 2016 - 9:59 p.m.
Design/Logic Flaw
2016-09-1721:59:00
PRIOn knowledge base
www.prio-n.com
5
Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call.
References
www.openwall.com/lists/oss-security/2016/09/15/10
www.php.net/ChangeLog-5.php
www.php.net/ChangeLog-7.php
www.securityfocus.com/bid/93006
www.securitytracker.com/id/1036836
access.redhat.com/errata/RHSA-2018:1296
bugs.php.net/bug.php?id=72860
github.com/php/php-src/commit/b88393f08a558eec14964a55d3c680fe67407712?w=1
security.gentoo.org/glsa/201611-22
www.tenable.com/security/tns-2016-19
Related
debiancve
debiancve
CVE-2016-7413
2016-09-17 21:59:00
checkpoint_advisories
checkpoint_advisories
PHP WDDX Deserialization Use After Free (CVE-2016-7413)
2016-09-27 00:00:00
alpinelinux
alpinelinux
CVE-2016-7413
2016-09-17 21:59:04
veracode
veracode
Use After Free
2019-05-16 02:59:58
Use After Free
2019-05-16 02:59:58
ubuntucve
ubuntucve
CVE-2016-7413
2016-09-17 00:00:00
cvelist
cvelist
CVE-2016-7413
2016-09-17 21:00:00
cve
cve
CVE-2016-7413
2016-09-17 21:59:04
redhatcve
redhatcve
CVE-2016-7413
2016-09-19 12:48:59
nvd
nvd
CVE-2016-7413
2016-09-17 21:59:04
nessus
nessus
Amazon Linux AMI : php70 (ALAS-2016-754)
2016-10-13 00:00:00
PHP 7.0.x < 7.0.11 Multiple Vulnerabilities
2019-01-09 00:00:00
openvas
openvas
PHP Multiple Vulnerabilities - 03 (Sep 2016) - Linux
2016-09-12 00:00:00
PHP Multiple Vulnerabilities - 03 (Sep 2016) - Windows
2016-09-12 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-754)
2016-10-26 00:00:00
amazon
amazon
Medium: php70
2016-10-12 17:00:00
Medium: php56
2016-10-12 17:00:00
freebsd
freebsd
PHP -- multiple vulnerabilities
2016-09-15 00:00:00
PHP -- multiple vulnerabilities
2016-09-16 00:00:00
suse
suse
Security update for php5 (important)
2016-10-07 21:12:50
Security update for php5 (important)
2016-11-01 16:07:21
Security update for php5 (important)
2016-10-04 16:10:25
slackware
slackware
[slackware-security] php
2016-09-23 23:31:48
mageia
mageia
Updated php packages fix security vulnerabilities
2016-09-25 18:45:31
fedora
fedora
[SECURITY] Fedora 23 Update: php-5.6.26-1.fc23
2016-09-28 04:52:34
[SECURITY] Fedora 24 Update: php-5.6.26-1.fc24
2016-09-27 03:58:11
archlinux
archlinux
php: multiple issues
2016-09-18 00:00:00
ibm
ibm
osv
osv
php5 - security update
2016-12-16 00:00:00
debian
debian
[SECURITY] [DLA 749-1] php5 security update
2016-12-16 21:48:18
[SECURITY] [DSA 3689-1] php5 security update
2016-10-08 13:53:04
[SECURITY] [DSA 3689-1] php5 security update
2016-10-08 13:53:04
cloudfoundry
cloudfoundry
USN-3095-1 PHP vulnerabilities | Cloud Foundry
2016-10-04 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2016-10-04 00:00:00
redhat
redhat
gentoo
gentoo
PHP: Multiple vulnerabilities
2016-11-30 00:00:00
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
apple
apple
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45