Lucene search

PRIOn knowledge basePRION:CVE-2016-9137

HistoryJan 04, 2017 - 8:59 p.m.

Design/Logic Flaw

2017-01-0420:59:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.2%

JSON

Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing.

CPENameOperatorVersion
phpeq7.0.11
phpeq7.0.4
phpeq7.0.3
phpeq7.0.1
phpeq7.0.7
phple5.6.26
phpeq7.0.2
phpeq7.0.9
phpeq7.0.8
phpeq7.0.5

Name	Operator	Version
php	eq	7.0.11
php	eq	7.0.4
php	eq	7.0.3
php	eq	7.0.1
php	eq	7.0.7
php	le	5.6.26
php	eq	7.0.2
php	eq	7.0.9
php	eq	7.0.8
php	eq	7.0.5

Rows per page:

1-10 of 131

References

git.php.net/?p=php-src.git%3Ba=commit%3Bh=0e6fe3a4c96be2d3e88389a5776f878021b4c59f

www.debian.org/security/2016/dsa-3698

www.openwall.com/lists/oss-security/2016/11/01/2

www.php.net/ChangeLog-5.php

www.php.net/ChangeLog-7.php

www.securityfocus.com/bid/93577

bugs.php.net/bug.php?id=73147

www.tenable.com/security/tns-2016-19