CVEs-PoC/2016/CVE-2016-6296.md at 183d1f8677d424ca51cab102bc615f8bcebb511d

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 23:27:33 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function.

POC

Reference

http://www.ubuntu.com/usn/USN-3059-1
http://www.ubuntu.com/usn/USN-3059-1
https://bugs.php.net/72606
https://bugs.php.net/72606

Github

No PoCs found on GitHub currently.

928 B Raw Blame History

CVE-2016-6296

Description

POC

Reference

Github

928 B

Raw Blame History