CVE-2016-4342 — Improper Restriction of Operations within the Bounds of a Memory Buffer in PHP

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-665 — Improper Initialization8 documents6 sources

Severity

8.8HIGHNVD

OSV7.3

EPSS

5.6%

top 9.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Php5 PHP Opensuse Leap

Timeline

PublishedMay 22

Latest updateMay 14

Description

ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶Ubuntuphp5/php5< 5.5.9+dfsg-1ubuntu4.17

▶NVDphp/php5.5.31+21

▶NVDopensuse/leap42.1

🔴Vulnerability Details

GHSA

GHSA-x4x8-wmcm-3vhv: ext/phar/phar_object↗2022-05-14

▶

OSV

php5, php7.0 vulnerabilities↗2016-05-24

▶

OSV

CVE-2016-4342: ext/phar/phar_object↗2016-04-29

▶

📋Vendor Advisories

Ubuntu

PHP vulnerabilities↗2016-05-24

▶

Red Hat

php: use of uninitialized pointer in PharFileInfo::getContent↗2016-01-12

▶

💬Community

Bugzilla

CVE-2016-4342 php: use of uninitialized pointer in PharFileInfo::getContent↗2016-02-08

▶

Bugzilla

CVE-2016-2554 CVE-2016-4342 php: various flaws [fedora-all]↗2016-02-08

▶