Oval Definition:oval:org.opensuse.security:def:20164072
Revision Date:2022-05-22Version:1
Title:CVE-2016-4072
Description:

The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the phar_analyze_path function in ext/phar/phar.c.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2016-4072
SUSE CVE-2016-4072
Platform(s):SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND pcre2 is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • libpcre2-16-0 is affected
  • OR libpcre2-32-0 is affected
  • OR libpcre2-8-0 is affected
  • OR libpcre2-posix2 is affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libpcre1 is affected
  • OR libpcre1-32bit is affected
  • OR libpcre16-0 is affected
  • OR libpcrecpp0 is affected
  • OR libpcreposix0 is affected
  • OR pcre-devel is affected
  • OR libpcre2-16-0 is affected
  • OR libpcre2-32-0 is affected
  • OR libpcre2-8-0 is affected
  • OR libpcre2-posix2 is affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • libpcre1 is affected
  • OR libpcre1-32bit is affected
  • OR libpcre16-0 is affected
  • OR libpcrecpp0 is affected
  • OR libpcreposix0 is affected
  • OR pcre-devel is affected
  • OR libpcre2-16-0 is affected
  • OR libpcre2-32-0 is affected
  • OR libpcre2-8-0 is affected
  • OR libpcre2-posix2 is affected
    • BACK