Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-5095

Опубликовано: 07 авг. 2016
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 7.5
CVSS3: 8.6

Описание

Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

not-affected

5.5.9+dfsg-1ubuntu4.19
precise

released

5.3.10-1ubuntu3.24
trusty

released

5.5.9+dfsg-1ubuntu4.19
trusty/esm

not-affected

5.5.9+dfsg-1ubuntu4.19
upstream

released

5.6.22+dfsg-1
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

ignored

end of life
xenial

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 83%
0.02075
Низкий

7.5 High

CVSS2

8.6 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-5095

redhat
около 9 лет назад

Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.

nvd логотип

CVE-2016-5095

CVSS3: 8.6
nvd
почти 9 лет назад

Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.

debian логотип

CVE-2016-5095

CVSS3: 8.6
debian
почти 9 лет назад

Integer overflow in the php_escape_html_entities_ex function in ext/st ...

github логотип

GHSA-93jw-q774-wqcf

CVSS3: 8.6
github
около 3 лет назад

Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.

fstec логотип

BDU:2022-02547

CVSS3: 8.6
fstec
почти 9 лет назад

Уязвимость функции php_escape_html_entities_ex (ext/standard/html.c) интерпретатора языка программирования PHP, позволяющая нарушителю вызвать отказ в обслуживании или, возможно, оказать другое воздействие

EPSS

Процентиль: 83%
0.02075
Низкий

7.5 High

CVSS2

8.6 High

CVSS3