Description

Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive.

Remediation

References

CVE-2016-6289

Related Vulnerabilities

Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-6932)

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5112)

Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10681)

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-17485)

WordPress Plugin freetobook widget Unspecified Vulnerability (1.0.5)

Severity

High

Classification

CVE-2016-6289 CWE-190 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities