CVE-2016-3132

Опубликовано: 07 мар. 2016

Источник: redhat

CVSS2: 5.1

Описание

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	php	Not affected
Red Hat Enterprise Linux 5	php53	Not affected
Red Hat Enterprise Linux 6	php	Not affected
Red Hat Enterprise Linux 7	php	Not affected
Red Hat Software Collections	php54-php	Not affected
Red Hat Software Collections	php55-php	Not affected
Red Hat Software Collections	rh-php56-php	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=1333497php: Double free in SplDoublyLinkedList::offsetSet

5.1 Medium

CVSS2

Связанные уязвимости

CVE-2016-3132

CVSS3: 9.8

ubuntu

около 9 лет назад

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.

CVE-2016-3132

CVSS3: 9.8

nvd

около 9 лет назад

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.

CVE-2016-3132

CVSS3: 9.8

debian

около 9 лет назад

Double free vulnerability in the SplDoublyLinkedList::offsetSet functi ...

GHSA-rpq8-3f5m-jp4r

CVSS3: 9.8

github

около 3 лет назад

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.

5.1 Medium

CVSS2