Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-7411

Опубликовано: 17 сент. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

released

5.5.9+dfsg-1ubuntu4.20
precise

released

5.3.10-1ubuntu3.25
trusty

released

5.5.9+dfsg-1ubuntu4.20
trusty/esm

released

5.5.9+dfsg-1ubuntu4.20
upstream

released

5.6.26
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

precise

DNE

trusty

DNE

trusty/esm

DNE

upstream

not-affected

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 74%
0.00868
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-7411

CVSS3: 5.3
redhat
около 9 лет назад

ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.

nvd логотип

CVE-2016-7411

CVSS3: 9.8
nvd
около 9 лет назад

ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.

debian логотип

CVE-2016-7411

CVSS3: 9.8
debian
около 9 лет назад

ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles objec ...

github логотип

GHSA-chxh-4r5m-9x52

CVSS3: 9.8
github
больше 3 лет назад

ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.

fstec логотип

BDU:2022-02414

CVSS3: 9.8
fstec
около 9 лет назад

Уязвимость компонента ext/standard/var_unserializer.re интерпретатора языка программирования PHP , позволяющая нарушителю вызвать отказ в обслуживании или, возможно, оказать другое воздействие

EPSS

Процентиль: 74%
0.00868
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3