Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-4070

Опубликовано: 20 мая 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not).

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

released

5.5.9+dfsg-1ubuntu4.16
precise

released

5.3.10-1ubuntu3.22
trusty

released

5.5.9+dfsg-1ubuntu4.16
trusty/esm

released

5.5.9+dfsg-1ubuntu4.16
upstream

released

5.6.20+dfsg-1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

released

5.6.11+dfsg-1ubuntu3.2
xenial

DNE

Показывать по

РелизСтатусПримечание
devel

not-affected

7.0.8-3ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/xenial

released

7.0.4-7ubuntu2.1
precise

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

7.0.5-1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 91%
0.06468
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-4070

CVSS3: 7.5
redhat
больше 9 лет назад

Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not).

nvd логотип

CVE-2016-4070

CVSS3: 7.5
nvd
больше 9 лет назад

Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not).

debian логотип

CVE-2016-4070

CVSS3: 7.5
debian
больше 9 лет назад

Integer overflow in the php_raw_url_encode function in ext/standard/ur ...

github логотип

GHSA-h5h7-3865-j2r7

CVSS3: 7.5
github
больше 3 лет назад

** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not)."

fstec логотип

BDU:2022-02553

CVSS3: 7.5
fstec
больше 9 лет назад

Уязвимость функции php_raw_url_encode интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 91%
0.06468
Низкий

5 Medium

CVSS2

7.5 High

CVSS3