9.8

CVE-2016-5768

Exploit
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version <= 5.5.36
PhpPhp Version5.6.0 Updatealpha1
PhpPhp Version5.6.0 Updatealpha2
PhpPhp Version5.6.0 Updatealpha3
PhpPhp Version5.6.0 Updatealpha4
PhpPhp Version5.6.0 Updatealpha5
PhpPhp Version5.6.0 Updatebeta1
PhpPhp Version5.6.0 Updatebeta2
PhpPhp Version5.6.0 Updatebeta3
PhpPhp Version5.6.0 Updatebeta4
PhpPhp Version5.6.1
PhpPhp Version5.6.2
PhpPhp Version5.6.3
PhpPhp Version5.6.4
PhpPhp Version5.6.5
PhpPhp Version5.6.6
PhpPhp Version5.6.7
PhpPhp Version5.6.8
PhpPhp Version5.6.9
PhpPhp Version5.6.10
PhpPhp Version5.6.11
PhpPhp Version5.6.12
PhpPhp Version5.6.13
PhpPhp Version5.6.14
PhpPhp Version5.6.15
PhpPhp Version5.6.16
PhpPhp Version5.6.17
PhpPhp Version5.6.18
PhpPhp Version5.6.19
PhpPhp Version5.6.20
PhpPhp Version5.6.21
PhpPhp Version5.6.22
PhpPhp Version7.0.0
PhpPhp Version7.0.1
PhpPhp Version7.0.2
PhpPhp Version7.0.3
PhpPhp Version7.0.4
PhpPhp Version7.0.5
PhpPhp Version7.0.6
PhpPhp Version7.0.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.63% 0.949
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-415 Double Free

The product calls free() twice on the same memory address.

http://php.net/ChangeLog-5.php
Patch
Release Notes
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
http://rhn.redhat.com/errata/RHSA-2016-2750.html
http://php.net/ChangeLog-7.php
Release Notes
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
https://support.apple.com/HT207170
http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html
http://rhn.redhat.com/errata/RHSA-2016-2598.html
http://www.openwall.com/lists/oss-security/2016/06/23/4
Release Notes
http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1
http://www.debian.org/security/2016/dsa-3618
http://www.securityfocus.com/bid/91396
https://bugs.php.net/bug.php?id=72402
Vendor Advisory
Exploit