Skip to main content
CVE-2016-3141 CRITICAL Emergency

Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 72.3% and no vendor patch available.

Denial Of Service PHP Buffer Overflow Mac Os X
NVD
CVSS 3.0
9.8
EPSS
72.3%
Threat
4.1
CVE-2016-3142 HIGH This Week

The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service PHP Buffer Overflow Mac Os X
NVD
CVSS 3.0
8.2
EPSS
4.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy