CVE-2016-4538

Опубликовано: 22 мая 2016

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the zero, one, or two global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	5.5.9+dfsg-1ubuntu4.17
precise	released	5.3.10-1ubuntu3.23
trusty	released	5.5.9+dfsg-1ubuntu4.17
trusty/esm	not-affected	5.5.9+dfsg-1ubuntu4.17
upstream	released	5.6.21+dfsg-1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	released	5.6.11+dfsg-1ubuntu3.4
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected	7.0.8-3ubuntu1
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	7.0.4-7ubuntu2.1
precise	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	7.0.6-1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 88%

0.04049

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2016-4538

redhat

больше 9 лет назад

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.

CVE-2016-4538

CVSS3: 9.8

nvd

около 9 лет назад

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.

CVE-2016-4538

CVSS3: 9.8

debian

около 9 лет назад

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6 ...

GHSA-w758-w9qr-5vxq

CVSS3: 9.8

github

около 3 лет назад

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.

BDU:2016-01438

fstec

около 9 лет назад

Уязвимость интерпретатора PHP, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

EPSS

Процентиль: 88%

0.04049

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2016-4538

Описание

Пакет php5

Пакет php7.0

Ссылки на источники

Связанные уязвимости