Loianhtuan

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.5.38 PHP versions 5.6.x prior to 5.6.24 PHP versions 7.x prior to 7.0.9 **Description** The issue is caused by an integer overflow in the `php stream zip opener` function, which can be exploited by remote attackers using a crafted zip:// URL. This can lead to a denial of service due to a stack-based buffer overflow, and possibly other unspecified impacts. **Recommendations** For PHP versions prior to 5.5.38, update to version 5.5.38 or later. For PHP versions 5.6.x prior to 5.6.24, update to version 5.6.24 or later. For PHP versions 7.x prior to 7.0.9, update to version 7.0.9 or later.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.5.38 PHP versions 5.6.x prior to 5.6.24 PHP versions 7.x prior to 7.0.9 **Description** The issue is caused by an integer overflow in the `virtual file ex` function, which can be exploited by remote attackers through a crafted extract operation on a ZIP archive, potentially leading to a denial of service or other unspecified impacts. **Recommendations** For PHP versions prior to 5.5.38, update to version 5.5.38 or later. For PHP versions 5.6.x prior to 5.6.24, update to version 5.6.24 or later. For PHP versions 7.x prior to 7.0.9, update to version 7.0.9 or later.