Showing 1 - 3 of 3

CVE-2016-7411

Status Candidate

Overview

ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.

Related Files

Apple Security Advisory 2016-12-13-1: Posted Dec 14, 2016; Authored by Apple | Site apple.com; Apple Security Advisory 2016-12-13-1 - macOS 10.12.2 is now available and addresses arbitrary code execution, denial of service, and various other vulnerabilities.; tags | advisory, denial of service, arbitrary, vulnerability, code execution; systems | apple; advisories | CVE-2016-1777, CVE-2016-1823, CVE-2016-4688, CVE-2016-4691, CVE-2016-4693, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-6303, CVE-2016-6304, CVE-2016-7141, CVE-2016-7167, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-7588, CVE-2016-7591, CVE-2016-7594, CVE-2016-7595, CVE-2016-7596, CVE-2016-7600, CVE-2016-7602, CVE-2016-7603, CVE-2016-7604; SHA-256 | 68bf50743be919151d9547b2351d633298a9bfe57d7160fac7541f89315f5b98; Download | Favorite | View

Ubuntu Security Notice USN-3095-1: Posted Oct 4, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3095-1 - Taoguang Chen discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Taoguang Chen discovered that PHP incorrectly handled invalid session names. A remote attacker could use this issue to inject arbitrary session data. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary, php; systems | linux, ubuntu; advisories | CVE-2016-7124, CVE-2016-7125, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7133, CVE-2016-7134, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418; SHA-256 | 5aec96083f99da181560a00863dcd9ce51c64d925bc8cd911930c3d8b4c4d77e; Download | Favorite | View

Slackware Security Advisory - php Updates: Posted Sep 26, 2016; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.; tags | advisory, php; systems | linux, slackware; advisories | CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418; SHA-256 | d1146059acae606dba55155e175af3612b0879fd85deb29bc4ed78ae42d5428e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 252 files
Ubuntu 59 files
Debian 19 files
LiquidWorm 17 files
Apple 9 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files
Google Security Research 3 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2016-7411

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems