CVE-2016-3132

Опубликовано: 07 авг. 2016

Источник: ubuntu

Приоритет: medium

CVSS2: 7.5

CVSS3: 9.8

Описание

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	php-7.0 only
precise	not-affected	php-7.0 only
trusty	not-affected	php-7.0 only
trusty/esm	not-affected	php-7.0 only
upstream	not-affected	php-7.0 only
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	not-affected	php-7.0 only
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected	7.0.8-3ubuntu1
esm-infra-legacy/trusty	DNE
esm-infra/xenial	released	7.0.4-7ubuntu2.1
precise	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	7.0.6-1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2016-3132

redhat

больше 9 лет назад

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.

CVE-2016-3132

CVSS3: 9.8

nvd

около 9 лет назад

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.

CVE-2016-3132

CVSS3: 9.8

debian

около 9 лет назад

Double free vulnerability in the SplDoublyLinkedList::offsetSet functi ...

GHSA-rpq8-3f5m-jp4r

CVSS3: 9.8

github

больше 3 лет назад

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2016-3132

Описание

Пакет php5

Пакет php7.0

Ссылки на источники

Связанные уязвимости