Description

Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.

Remediation

References

CVE-2016-7478

Related Vulnerabilities

SharePoint Authentication Bypass by Spoofing Vulnerability (CVE-2021-42320)

Oracle Database Server CVE-2020-2968 Vulnerability (CVE-2020-2968)

OpenSSL Resource Management Errors Vulnerability (CVE-2011-3210)

Microsoft SQL Server Other Vulnerability (CVE-2003-0231)

Jenkins Improper Input Validation Vulnerability (CVE-2021-21606)

Severity

High

Classification

CVE-2016-7478 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities