CVE-2016-5772

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-5772
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5772.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-5772
Downstream
Related
Published
2016-08-07T10:59:20.680Z
Modified
2026-03-15T14:17:57.032608Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddxdeserialize call.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
d5747a70cf612e653b0e56dfa50efb29bbba273d
Introduced
fc1df8e7a6886e29a6ed5bef3f674ac61164e847
Fixed
961e562d1b7e7d67c7370022a167938641d607ea
Introduced
60fffd296abce5fc071f3c173c25a2696cf683c6
Fixed
a36407215f69ba2debf77933dcb3faa0c3ba2d04
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5dc92c2117cafc61daaaaa240fd46c3ac33872a4
Fixed
a44c89e8af7c2410f4bfc5e097be2a5d0639a60c
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.5.37"
        },
        {
            "introduced": "5.6.0"
        },
        {
            "fixed": "5.6.23"
        },
        {
            "introduced": "7.0.0"
        },
        {
            "fixed": "7.0.8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        }
    ]
}

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "11-sp4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "42.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "13.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "11-sp4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "11-sp4"
            }
        ]
    }
]
vanir_signatures 
[
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2016-5772-60a76a01",
        "target": {
            "file": "ext/wddx/wddx.c",
            "function": "php_wddx_push_element"
        },
        "digest": {
            "length": 4802.0,
            "function_hash": "259753987416402141766353710983866908693"
        },
        "signature_version": "v1",
        "source": "https://github.com/php/php-src/commit/961e562d1b7e7d67c7370022a167938641d607ea"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2016-5772-bf04f18e",
        "target": {
            "file": "ext/wddx/wddx.c",
            "function": "php_wddx_process_data"
        },
        "digest": {
            "length": 2110.0,
            "function_hash": "180570257826570885917371117402157294106"
        },
        "signature_version": "v1",
        "source": "https://github.com/php/php-src/commit/a44c89e8af7c2410f4bfc5e097be2a5d0639a60c"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2016-5772-e0fbf8ee",
        "target": {
            "file": "ext/wddx/wddx.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "108112416631527217460140097544647415290",
                "19194827250221392632591492071396049436",
                "327693491351152557693361828737983469639",
                "213154144896593918768606924357591146913"
            ]
        },
        "signature_version": "v1",
        "source": "https://github.com/php/php-src/commit/961e562d1b7e7d67c7370022a167938641d607ea"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2016-5772-fe4b66ca",
        "target": {
            "file": "ext/wddx/wddx.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "138371237491998008842515301943039341093",
                "5438853636735337843492742048264760460",
                "327287158167850452439701417552007583568",
                "78609767112690709860219252615091440765",
                "206516277081509952429337499612038618064",
                "256212817879242093001682295899415213645",
                "34110307404906790365435565495275501781",
                "37364056837223290377158685987933560788"
            ]
        },
        "signature_version": "v1",
        "source": "https://github.com/php/php-src/commit/a44c89e8af7c2410f4bfc5e097be2a5d0639a60c"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5772.json"