CVE-2016-5095

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-5095

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5095.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-5095

Related

Published

2016-08-07T10:59:08Z

Modified

2024-08-01T08:16:50.307515Z

Severity

8.6 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H CVSS Calculator

Summary

[none]

Details

Integer overflow in the phpescapehtmlentitiesex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTERSANITIZEFULLSPECIALCHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type: GIT
Repo: https://github.com/php/php-src
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

11d102ebbcbbd008a6e50ddc65849dfcfb568da4

Last affected

2610d63a482e708ba28cf8e056f47412445a6c53

Last affected

2c9fcbabe8f7780c8566d9baddb5aae36fdce84b

Last affected

2f0d051bfd43315bedfff2de3137abd2c67741a6

Last affected

326ab8b147485eeb1ca023807272bc1994bcd7de

Last affected

50a8b9527a2317ba861ad0b660ff981f69941cfd

Last affected

57e698d58263edeb5e15d78e0a968298f65a439f

Last affected

62cf13d3aa08b15107b02a0505a4f30142fa37b4

Last affected

69797e81ed9917bb199d5cdc44fce6697493e1d2

Last affected

7603abbc5186e276a5a68c6ef28d1728e4a37ec4

Last affected

8648f76bac2f78391a1539253f21d62f53d83022

Last affected

8eff5afaced13c9c30337c11da4920fc1d2394ce

Last affected

939409d36feb09b882d521ec9ceecce6999ab199

Last affected

9d10b0109258e8ea797c8977c5932d162d6c6004

Last affected

a964242f19ad029e57a62576f04e3cbab4795d03

Last affected

ae15e636e2b213bf748fa0b94ca95ac96d6eae3a

Last affected

b1ffeb3a7f320549cbb1873f85f0da18e9a5a6ce

Last affected

c37265eacdd0186cb3b0bfeb0e0104c8563807ef

Last affected

c9e5f38e5b62fb6e5b60fe0759f51ab137ae8fd6

Last affected

cb80afc366df74ec7ab701a853407a69cc148f5d

Last affected

d8e4dcdfd617f1c1c942db63527d1d3838ede7c4

Last affected

dae8ff251c0cdbbb0640df8277edef050fdb8854

Last affected

df586243a3a8367d69f22990f1246dec4bbf437a

Last affected

e197c9b13991e569179a709574187f9e455efc0f

Last affected

e808a7687ecd82ea18d6a83cb1f003a84831c0e2

Last affected

effcb5a97358f01714bd833c8063a4a7abe9dff1

Last affected

f2722bdbc60403300a033ee8091a2da31f7c90c1

Last affected

f5751638dbd77136ce5c90e7d8bd090aa655c2a3

Last affected

f94c1df85fb004bb35091da5cebe730589a409b8

Affected versions

Other

NEWS

NEWS-cvs2svn

php-5.*

php-5.3.23RC1

php-5.3.29

php-5.3.29RC1

php-5.4.30RC1

php-5.4.32RC1

php-5.4.4RC2

php-5.5.24RC1

php-5.5.35

php-5.6.0alpha1

php-5.6.0alpha2

php-5.6.0alpha3

php-5.6.0beta1

php-5.6.1

php-5.6.10

php-5.6.10RC1

php-5.6.11

php-5.6.11RC1

php-5.6.12

php-5.6.12RC1

php-5.6.13

php-5.6.13RC1

php-5.6.14

php-5.6.14RC1

php-5.6.15

php-5.6.15RC1

php-5.6.16

php-5.6.16RC1

php-5.6.17

php-5.6.17RC1

php-5.6.18

php-5.6.18RC1

php-5.6.19

php-5.6.19RC1

php-5.6.1RC1

php-5.6.20

php-5.6.20RC1

php-5.6.21

php-5.6.21RC1

php-5.6.3

php-5.6.3RC1

php-5.6.4

php-5.6.4RC1

php-5.6.5

php-5.6.5RC1

php-5.6.6

php-5.6.6RC1

php-5.6.7

php-5.6.7RC1

php-5.6.8

php-5.6.8RC1

php-5.6.9

php-5.6.9RC1