PT-2016-3405 · Php+4 · Php+4

Shm

Published

2016-06-24

Updated

2018-01-05

CVE-2016-5768

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.5.37 PHP versions 5.6.x prior to 5.6.23 PHP versions 7.x prior to 7.0.8

Description The issue is related to a double free vulnerability in the mbstring extension of the PHP interpreter, specifically in the php mb regex ereg replace exec function. This vulnerability can be exploited by a remote attacker to execute arbitrary code or cause a denial of service, resulting in an application crash. The exploitation is possible by leveraging a callback exception.

Recommendations For PHP versions prior to 5.5.37, update to version 5.5.37 or later. For PHP versions 5.6.x prior to 5.6.23, update to version 5.6.23 or later. For PHP versions 7.x prior to 7.0.8, update to version 7.0.8 or later.

Exploit

Fix

RCE

DoS

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

BDU:2022-02543

CESA-2016_2598

CVE-2016-5768

DLA-628-1

DSA-3618-1

MGASA-2016-0238

OPENSUSE-SU-2016_1761-1

RHSA-2016:2598

RHSA-2016:2750

RHSA-2016_2598

SUSE-SU-2016:1842-1

USN-3045-1

Affected Products

Centos

Php

Red Hat

Suse

Ubuntu

PT-2016-3405 · Php+4 · Php+4

CVE-2016-5768

Weakness Enumeration

Related Identifiers

Affected Products

References · 175