CVE-2016-3132
published 2016-08-07CVE-2016-3132: Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute…
PriorityP359critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
11.67%
95.5th percentile
Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php5 | php5 | >= 0 < 5.5.9+dfsg-1ubuntu4.17 | 5.5.9+dfsg-1ubuntu4.17 |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_redhat9.8CRITICAL
vendor_ubuntu7.3HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
PHP vulnerabilities
vendor_ubuntu·2016-05-24·CVSS 7.3
CVE-2015-8865 [HIGH] PHP vulnerabilities
Title: PHP vulnerabilities
Summary: Several security issues were fixed in PHP.
It was discovered that the PHP Fileinfo component incorrectly handled
certain magic files. An attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8865)
Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly
handled certain malformed Zip archives. A remote attacker could use this
issue to cause PHP to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-3078)
It was discovered that PHP incorrectly handled invalid indexes in the
SplDoublyLinkedList class. An attacker could use this issue to cause
Red Hat
php: Double free in SplDoublyLinkedList::offsetSet
vendor_redhat·2016-03-07·CVSS 9.8
CVE-2016-3132 [CRITICAL] CWE-416 php: Double free in SplDoublyLinkedList::offsetSet
php: Double free in SplDoublyLinkedList::offsetSet
Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.
Package: php (Red Hat Enterprise Linux 5) - Not affected
Package: php53 (Red Hat Enterprise Linux 5) - Not affected
Package: php (Red Hat Enterprise Linux 6) - Not affected
Package: php (Red Hat Enterprise Linux 7) - Not affected
Package: php54-php (Red Hat Software Collections) - Not affected
Package: php55-php (Red Hat Software Collections) - Not affected
Package: rh-php56-php (Red Hat Software Collections) - Not affected
GHSA
GHSA-rpq8-3f5m-jp4r: Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist
ghsa_unreviewed·2022-05-17
CVE-2016-3132 [CRITICAL] CWE-415 GHSA-rpq8-3f5m-jp4r: Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist
Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.
OSV
php5, php7.0 vulnerabilities
osv·2016-05-24·CVSS 7.3
CVE-2015-8865 [HIGH] php5, php7.0 vulnerabilities
php5, php7.0 vulnerabilities
It was discovered that the PHP Fileinfo component incorrectly handled
certain magic files. An attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8865)
Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly
handled certain malformed Zip archives. A remote attacker could use this
issue to cause PHP to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-3078)
It was discovered that PHP incorrectly handled invalid indexes in the
SplDoublyLinkedList class. An attacker could use this issue to cause PHP to
crash, resulting in a denial of service, or
OSV
CVE-2016-3132: Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist
osv·2016-05-06·CVSS 9.8
CVE-2016-3132 [CRITICAL] CVE-2016-3132: Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist
Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spl_dllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index.
No detection rules found.
No public exploits indexed.
http://github.com/php/php-src/commit/28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5?w=1http://www.securityfocus.com/bid/92356https://bugs.php.net/bug.php?id=71735https://php.net/ChangeLog-7.phphttps://security-tracker.debian.org/tracker/CVE-2016-3132http://github.com/php/php-src/commit/28a6ed9f9a36b9c517e4a8a429baf4dd382fc5d5?w=1http://www.securityfocus.com/bid/92356https://bugs.php.net/bug.php?id=71735https://php.net/ChangeLog-7.phphttps://security-tracker.debian.org/tracker/CVE-2016-3132
2016-08-07
Published