CVEs-PoC/2016/CVE-2016-7412.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-03-06 19:41:07 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

974 B

Raw Permalink Blame History

CVE-2016-7412

Description

ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.

POC

Reference

28f80baf3c
https://www.tenable.com/security/tns-2016-19

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/RClueX/Hackerone-Reports
https://github.com/imhunterand/hackerone-publicy-disclosed

974 B Raw Permalink Blame History

CVE-2016-7412

Description

POC

Reference

Github

974 B

Raw Permalink Blame History