CVE-2016-6296 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Xmlrpc-epi
Severity
9.8CRITICALNVD
EPSS
13.0%
top 5.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 25
Latest updateMay 14
Description
Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages4 packages
🔴Vulnerability Details
3📋Vendor Advisories
5Debian▶
CVE-2016-6296: xmlrpc-epi - Integer signedness error in the simplestring_addn function in simplestring.c in ...↗2016
💬Community
3Bugzilla▶
CVE-2016-6296 xmlrpc-epi: php: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c [fedora-all]↗2016-07-25
Bugzilla▶
CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297 php: various flaws [fedora-all]↗2016-07-25
Bugzilla▶
CVE-2016-6296 php: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c↗2016-07-25