Description

Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.

Remediation

References

CVE-2016-4071

Related Vulnerabilities

WordPress Plugin Contact Form 7-Clockwork SMS Cross-Site Scripting (2.3.0)

MySQL CVE-2021-2070 Vulnerability (CVE-2021-2070)

WordPress Plugin FileBird-WordPress Media Library Folders & File Manager Cross-Site Scripting (2.4)

Oracle Application Server CVE-2008-7233 Vulnerability (CVE-2008-7233)

Zope Web Application Server Other Vulnerability (CVE-2001-1278)

Severity

Critical

Classification

CVE-2016-4071 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities