WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5770)

Description

Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096.

Remediation

References

Related Vulnerabilities

WordPress Plugin Wow Forms-create any form with custom style SQL Injection (3.1.3)

MySQL 7PK - Security Features Vulnerability (CVE-2016-2047)

WordPress Plugin Membership Simplified Multiple SQL Injection Vulnerabilities (1.58)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4402)

WordPress Plugin Pods-Custom Content Types and Fields Multiple Vulnerabilities (2.4.3)

Severity

Critical

Classification

CVE-2016-5770 CWE-190 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities