CVE-2016-5399

Related Files

HP Security Bulletin HPSBST03671 2

Posted Jan 15, 2017

Authored by HP | Site hp.com

HP Security Bulletin HPSBST03671 2 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information or Denial of Service via the Ethernet Management Interface. Please note that the Management Interface cannot access data stored on tape media, so this vulnerability does not allow for remote unauthorized disclosure of data stored on tape media or remote denial of service. Revision 2 of this advisory.

tags | advisory, remote, denial of service, php

advisories | CVE-2013-7456, CVE-2016-3074, CVE-2016-5093, CVE-2016-5094, CVE-2016-5096, CVE-2016-5385, CVE-2016-5399, CVE-2016-5766, CVE-2016-5767, CVE-2016-5768, CVE-2016-5769, CVE-2016-5770, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6207, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6293, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297

SHA-256 | 74f9f0b80ca8d59cd41c5d09975ba20cb91f186b15a715a72840744163cf4c42

Download | Favorite | View

Red Hat Security Advisory 2016-2598-02

Posted Nov 4, 2016

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2598-02 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: A flaw was found in the way certain error conditions were handled by bzread() function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vulnerable function, could cause the application to crash or execute arbitrary code with the permissions of the user running the PHP application.

tags | advisory, web, arbitrary, php

systems | linux, redhat

advisories | CVE-2016-5399, CVE-2016-5766, CVE-2016-5767, CVE-2016-5768

SHA-256 | 0ac1d44bc1b4ff934ac63b7a99f65417137a7c3af28173760451af2b834039d0

Download | Favorite | View

Ubuntu Security Notice USN-3045-1

Posted Aug 2, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3045-1 - It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php

systems | linux, ubuntu

advisories | CVE-2015-4116, CVE-2015-8873, CVE-2015-8876, CVE-2015-8935, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096, CVE-2016-5114, CVE-2016-5385, CVE-2016-5399, CVE-2016-5768, CVE-2016-5769, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297

SHA-256 | 47fc0ea179e44d1fcb53b84c0bfce2c297ab17348494c2a4bfed673be21e1948

Download | Favorite | View

Debian Security Advisory 3631-1

Posted Jul 27, 2016

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3631-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

tags | advisory, web, php, vulnerability

systems | linux, debian

advisories | CVE-2016-5385, CVE-2016-5399, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297

SHA-256 | 38a66d762d614a958d7801c279d78dadb3c6ac4fce34ef4bc800ff8d7a0c22ae

Download | Favorite | View

PHP 7.0.8 / 5.6.23 / 5.5.37 bzread() OOB Write

Posted Jul 21, 2016

Authored by Hans Jerry Illikainen

PHP versions 7.0.8, 5.6.23, and 5.5.37 suffers from an out-of-bounds write vulnerability in bzread().

tags | exploit, php

advisories | CVE-2016-5399

SHA-256 | 7111a3aeb099e5121e1419ef1d6496905a8379d4ecf9926707c9684242505445

Download | Favorite | View