PHP Multiple Vulnerabilities - 01 - Aug16 (Windows)

Published: 2016-08-17 06:11:54
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Summary:
This host is installed with PHP and is prone to multiple vulnerabilities.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws are due to, - The 'php_zip.c' script in the zip extension improperly interacts with the unserialize implementation and garbage collection. - The php_wddx_process_data function in 'wddx.c' script in the WDDX extension mishandled data in a wddx_deserialize call. - The multiple integer overflows in 'mcrypt.c' script in the mcrypt extension. - The double free vulnerability in the '_php_mb_regex_ereg_replace_exec' function in 'php_mbregex.c' script in the mbstring extension. - An integer overflow in the '_gd2GetHeader' function in 'gd_gd2.c' script in the GD Graphics Library. - An integer overflow in the 'gdImageCreate' function in 'gd.c' script in the GD Graphics Library.

Impact:
Successfully exploiting this issue allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code.

Affected Versions:
PHP versions prior to 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 on Windows

Recommendations:
Upgrade to PHP version 5.5.37, or 5.6.23, or 7.0.8, or later.

Solution Type:
Vendor Patch

Detection Type:
Remote Banner

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2016-5773
https://nvd.nist.gov/vuln/detail/CVE-2016-5772
https://nvd.nist.gov/vuln/detail/CVE-2016-5769
https://nvd.nist.gov/vuln/detail/CVE-2016-5768
https://nvd.nist.gov/vuln/detail/CVE-2016-5766
https://nvd.nist.gov/vuln/detail/CVE-2016-5767

SecurityFocus Bugtraq ID:

https://www.securityfocus.com/bid/91397
https://www.securityfocus.com/bid/91398
https://www.securityfocus.com/bid/91399
https://www.securityfocus.com/bid/91396
https://www.securityfocus.com/bid/91395

References:

http://www.php.net/ChangeLog-5.php
http://www.php.net/ChangeLog-7.php

Search
Severity
High
CVSS Score
7.5

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.