Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2016-07-25T14:00:00
Updated: 2024-08-06T01:22:20.760Z
Reserved: 2016-07-24T00:00:00
Link: CVE-2016-6297
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-07-25T14:59:11.467
Modified: 2024-11-21T02:55:50.700
Link: CVE-2016-6297
Redhat