Description

Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.

Remediation

References

CVE-2016-4071

Related Vulnerabilities

Grafana Insufficiently Protected Credentials Vulnerability (CVE-2019-15635)

MySQL CVE-2019-2685 Vulnerability (CVE-2019-2685)

PHP Numeric Errors Vulnerability (CVE-2013-7226)

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-23750)

phpMyAdmin Deserialization of Untrusted Data Vulnerability (CVE-2016-6620)

Severity

Critical

Classification

CVE-2016-4071 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities