Back to search
CVE-2016-3078
Published: Aug 7, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugs.php.net/bug.php?id=71923
x_refsource_CONFIRM
[oss-security] 20160428 CVE-2016-3078: php: integer overflow in ZipArchive::getFrom*
mailing-list
x_refsource_MLIST
https://security-tracker.debian.org/tracker/CVE-2016-3078
x_refsource_CONFIRM
39742
exploit
x_refsource_EXPLOIT-DB
https://php.net/ChangeLog-7.php
x_refsource_CONFIRM
1035701
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now