CVE-2016-7479

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
checkpointCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
phpphp
7.0.0
phpphp
7.0.1
phpphp
7.0.2
phpphp
7.0.3
phpphp
7.0.4
phpphp
7.0.5
phpphp
7.0.6
phpphp
7.0.7
phpphp
7.0.8
phpphp
7.0.9
phpphp
7.0.10
phpphp
7.0.11
phpphp
7.0.12
phpphp
7.0.14
phpphp
7.1.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
php5
yakkety
dne
xenial
dne
trusty
Fixed 5.5.9+dfsg-1ubuntu4.21
released
precise
Fixed 5.3.10-1ubuntu3.26
released
php7.0
yakkety
Fixed 7.0.15-0ubuntu0.16.10.2
released
xenial
Fixed 7.0.15-0ubuntu0.16.04.2
released
trusty
dne
precise
dne
Common Weakness Enumeration
References
http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7
http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf
http://www.securityfocus.com/bid/95151
http://www.securitytracker.com/id/1037659
https://access.redhat.com/errata/RHSA-2018:1296
https://bugs.php.net/bug.php?id=73092
https://security.netapp.com/advisory/ntap-20180112-0001/
https://www.youtube.com/watch?v=LDcaPstAuPk
http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7
http://blog.checkpoint.com/wp-content/uploads/2016/12/PHP_Technical_Report.pdf
http://www.securityfocus.com/bid/95151
http://www.securitytracker.com/id/1037659
https://access.redhat.com/errata/RHSA-2018:1296
https://bugs.php.net/bug.php?id=73092
https://security.netapp.com/advisory/ntap-20180112-0001/
https://www.youtube.com/watch?v=LDcaPstAuPk