CVE

Id
93117  
CVE No.
CVE-2016-6297  
Status
Candidate  
Description
Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL.  
Phase
Assigned (20160724)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
792692 93117 CVE-2016-6297 MLIST:[oss-security] 20160724 Re: Fwd: CVE for PHP 5.5.38 issues  View
792693 93117 CVE-2016-6297 URL:http://openwall.com/lists/oss-security/2016/07/24/2  View
792694 93117 CVE-2016-6297 MISC:http://fortiguard.com/advisory/fortinet-discovers-php-stack-based-buffer-overflow-vulnerabilities  View
792695 93117 CVE-2016-6297 CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=81406c0c1d45f75fcc7972ed974d2597abb0b9e9  View
792696 93117 CVE-2016-6297 CONFIRM:http://php.net/ChangeLog-5.php  View
792697 93117 CVE-2016-6297 CONFIRM:http://php.net/ChangeLog-7.php  View
792698 93117 CVE-2016-6297 CONFIRM:https://bugs.php.net/72520  View
792699 93117 CVE-2016-6297 CONFIRM:https://support.apple.com/HT207170  View
792700 93117 CVE-2016-6297 APPLE:APPLE-SA-2016-09-20  View
792701 93117 CVE-2016-6297 URL:http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html  View
792702 93117 CVE-2016-6297 BID:92099  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
5481 JVNDB-2016-006254 phpMyAdmin のエクスポートメカニズムにおけるディスク上のフルパスを取得される脆弱性 phpMyAdmin のエクスポートメカニズムには、ディスク上のフルパスを取得される脆弱性が存在します。 CVE-2016-6610 93117 4 4.3 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-006254.html  View