CVE-2016-5093 in PHP
Resumen (Inglés)
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Reservar
2016-05-26
Divulgación
2016-08-07
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 90611 | PHP locale_methods.c get_icu_value_internal divulgación de información | 125 | No está definido | Arreglo oficial | CVE-2016-5093 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV