Web application abuses : PHP Arbitrary Code Execution Vulnerability (Jul 2016)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.808796

Categoría: Web application abuses

Título: PHP Arbitrary Code Execution Vulnerability (Jul 2016) - Linux

Resumen: PHP is prone to an arbitrary code execution vulnerability.

Descripción: Summary:
PHP is prone to an arbitrary code execution vulnerability.

Vulnerability Insight:
The flaw is due to the double free
vulnerability in the 'SplDoublyLinkedList::offsetSet' function in
'ext/spl/spl_dllist.c' script.

Vulnerability Impact:
Successfully exploiting this issue allow remote
attackers to execute arbitrary code via a crafted index.

Affected Software/OS:
PHP versions 7.x before 7.0.6 on Linux

Solution:
Update to PHP version 7.0.6,
or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-3132
BugTraq ID: 92356
http://www.securityfocus.com/bid/92356

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.808796
Categoría:	Web application abuses
Título:	PHP Arbitrary Code Execution Vulnerability (Jul 2016) - Linux
Resumen:	PHP is prone to an arbitrary code execution vulnerability.
Descripción:	Summary: PHP is prone to an arbitrary code execution vulnerability. Vulnerability Insight: The flaw is due to the double free vulnerability in the 'SplDoublyLinkedList::offsetSet' function in 'ext/spl/spl_dllist.c' script. Vulnerability Impact: Successfully exploiting this issue allow remote attackers to execute arbitrary code via a crafted index. Affected Software/OS: PHP versions 7.x before 7.0.6 on Linux Solution: Update to PHP version 7.0.6, or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3132 BugTraq ID: 92356 http://www.securityfocus.com/bid/92356
Copyright	Copyright (C) 2016 Greenbone AG