Test ID:	1.3.6.1.4.1.25623.1.0.807089
Category:	Web application abuses
Title:	PHP < 5.5.31, 5.6.x < 5.6.17, 7.x < 7.0.2 Out of Bounds Read Memory Corruption Vulnerability (Mar 2016) - Windows
Summary:	PHP is prone to an out-of-bounds read memory corruption; vulnerability.
Description:	Summary: PHP is prone to an out-of-bounds read memory corruption vulnerability. Vulnerability Insight: A memory corruption vulnerability occurs via a large 'bgd_color' argument to the 'imagerotate' function in 'ext/gd/libgd/gd_interpolation.c' script. Vulnerability Impact: Successfully exploiting this issue allow remote attackers to obtain sensitive information or cause a denial-of-service condition. Affected Software/OS: PHP prior to version 5.5.31, 5.6.x prior to 5.6.17 and 7.x prior to 7.0.2 on Windows. Solution: Update to version 5.5.31, 5.6.17, 7.0.2 or later. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1903 BugTraq ID: 79916 http://www.securityfocus.com/bid/79916 http://www.openwall.com/lists/oss-security/2016/01/14/8 RedHat Security Advisories: RHSA-2016:2750 http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.securitytracker.com/id/1034608 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720 SuSE Security Announcement: openSUSE-SU-2016:0251 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html SuSE Security Announcement: openSUSE-SU-2016:0366 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html http://www.ubuntu.com/usn/USN-2952-1 http://www.ubuntu.com/usn/USN-2952-2
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.