| Vulnerability Name: | CVE-2016-4343 (CCN-112803) | ||||||||||||||||||||||||
| Assigned: | 2016-04-28 | ||||||||||||||||||||||||
| Published: | 2016-04-28 | ||||||||||||||||||||||||
| Updated: | 2022-07-20 | ||||||||||||||||||||||||
| Summary: | The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive. | ||||||||||||||||||||||||
| CVSS v3 Severity: | 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||
| CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||
| Vulnerability Type: | CWE-824 | ||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2016-4343 Source: SUSE Type: Mailing List, Third Party Advisory openSUSE-SU-2016:1357 Source: MISC Type: Release Notes, Vendor Advisory http://php.net/ChangeLog-5.php Source: MISC Type: Release Notes, Vendor Advisory http://php.net/ChangeLog-7.php Source: CCN Type: RHSA-2016-2750 Moderate: rh-php56 security, bug fix, and enhancement update Source: REDHAT Type: Third Party Advisory RHSA-2016:2750 Source: CCN Type: oss-sec Mailing List, Thu, 28 Apr 2016 11:57:38 -0400 (EDT) Re: [CVE Requests] PHP issues Source: MLIST Type: Mailing List, Third Party Advisory [oss-security] 20160428 [CVE Requests] PHP issues Source: BID Type: Third Party Advisory, VDB Entry 89179 Source: CCN Type: BID-89179 PHP CVE-2016-4343 Uninitialized Pointer Denial of Service Vulnerability Source: CCN Type: PHP Web site Sec Bug #71331 Uninitialized pointer in phar_make_dirstream() Source: CONFIRM Type: Exploit, Issue Tracking, Vendor Advisory https://bugs.php.net/bug.php?id=71331 Source: XF Type: UNKNOWN php-cve20164343-code-exec(112803) Source: CONFIRM Type: Third Party Advisory https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 Source: CONFIRM Type: Third Party Advisory https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149 Source: CONFIRM Type: Third Party Advisory https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 Source: CCN Type: WhiteSource Vulnerability Database CVE-2016-4343 | ||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||