CVE-2016-7479
12.01.2017, 00:59
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| php | php | 7.0.0 |
| php | php | 7.0.1 |
| php | php | 7.0.2 |
| php | php | 7.0.3 |
| php | php | 7.0.4 |
| php | php | 7.0.5 |
| php | php | 7.0.6 |
| php | php | 7.0.7 |
| php | php | 7.0.8 |
| php | php | 7.0.9 |
| php | php | 7.0.10 |
| php | php | 7.0.11 |
| php | php | 7.0.12 |
| php | php | 7.0.14 |
| php | php | 7.1.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| php70 |
| ||
| php70-bcmath |
| ||
| php70-cli |
| ||
| php70-common |
| ||
| php70-dba |
| ||
| php70-dbg |
| ||
| php70-debuginfo |
| ||
| php70-devel |
| ||
| php70-embedded |
| ||
| php70-enchant |
| ||
| php70-fpm |
| ||
| php70-gd |
| ||
| php70-gmp |
| ||
| php70-imap |
| ||
| php70-intl |
| ||
| php70-json |
| ||
| php70-ldap |
| ||
| php70-mbstring |
| ||
| php70-mcrypt |
| ||
| php70-mysqlnd |
| ||
| php70-odbc |
| ||
| php70-opcache |
| ||
| php70-pdo |
| ||
| php70-pdo-dblib |
| ||
| php70-pgsql |
| ||
| php70-process |
| ||
| php70-pspell |
| ||
| php70-recode |
| ||
| php70-snmp |
| ||
| php70-soap |
| ||
| php70-tidy |
| ||
| php70-xml |
| ||
| php70-xmlrpc |
| ||
| php70-zip |
|
Common Weakness Enumeration
References