CVE漏洞中文网

0DayBank: a public site dedicated to collecting and cataloguing internet vulnerabilities from around the world

PHP Stack-Based Buffer Overflow Multiple Vulnerabilities | Vulnerability Bank | 0DAY BANK

August 25, 2016

Vulnerability category: CGI

Vulnerability severity:

Vulnerability Information

PHP is a general purpose scripting language that is especially suited for web development and can be embedded into HTML.

PHP has been reported to be vulnerable to the following issues:
- An error exists in the virtual_file_ex function. Specifically, the function defines the "path_length" variable as a signed integer and does not check it for negative values. (CVE-2016-6289)
- An integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c. The error occurs because the "php_stream_zip_opener" function fails to check the value of the path_len variable when PHP handles a zip stream. (CVE-2016-6297)

Affected Versions:
PHP versions before 5.5.38, PHP 5.6.x before 5.6.24, and PHP 7.x before 7.0.9.
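
Both flaws listed above come down to a length value that is bounded on one side only or allowed to wrap. The following C program is an added example, not PHP source code; it shows the flawed check next to a hardened one, and the function names and the 64-byte `PATH_BUF` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PATH_BUF 64   /* constructed buffer size for this example */

/* Flawed pattern: signed length, upper bound only. Returns 1 when the
 * check lets the caller continue. No copy is performed here. */
int flawed_length_ok(int path_length)
{
    return path_length < PATH_BUF;   /* true for every negative value */
}

/* Hardened check: reject negatives, then compare as unsigned. */
int length_ok(long long path_length)
{
    return path_length >= 0 && (unsigned long long)path_length < PATH_BUF;
}

/* Overflow-safe size arithmetic: a + b, or -1 if the sum would wrap. */
int checked_add(size_t a, size_t b, size_t *out)
{
    if (a > SIZE_MAX - b)
        return -1;
    *out = a + b;
    return 0;
}

/* Bounded copy that keeps every length in size_t from start to finish. */
int copy_path(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src), need;
    if (checked_add(len, 1, &need) != 0 || need > dst_size)
        return -1;
    memcpy(dst, src, need);          /* need includes the terminator */
    return 0;
}

int main(void)
{
    char buf[PATH_BUF];
    /* constructed inputs: a negative length and a short path */
    int bypassed = flawed_length_ok(-1);
    int rejected = !length_ok(-1);
    int copied = copy_path(buf, sizeof buf, "a/b.txt") == 0;
    return (bypassed && rejected && copied) ? 0 : 1;
}
```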

Impact

Successful exploitation of this vulnerability will allow an attacker to conduct denial of service or possibly execute arbitrary code on the targeted host via a crafted extract operation on a ZIP archive.

Solution

PHP has released versions 5.6.24 and 7.0.9 to address these bugs as well as other vulnerabilities.
Refer to the PHP project main page at http://www.php.net/downloads.php to address this issue and obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

PHP ChangeLog 5.X: PHP 5.x

PHP ChangeLog 7.X: PHP 7.x

Last updated: October 22, 2016


COPYRIGHT © 2024 www.pdr.cn CVE漏洞中文网. ALL RIGHTS RESERVED.
