Test ID:	1.3.6.1.4.1.25623.1.0.108055
Category:	Denial of Service
Title:	PHP Multiple Denial of Service Vulnerabilities - 02 (Jan 2017) - Windows
Summary:	PHP is prone to multiple denial of service (DoS) vulnerabilities.;; This VT has been deprecated and merged into the VT 'PHP Multiple Vulnerabilities (Jan 2017 - 02) - Windows'; (OID: 1.3.6.1.4.1.25623.1.0.108053).
Description:	Summary: PHP is prone to multiple denial of service (DoS) vulnerabilities. This VT has been deprecated and merged into the VT 'PHP Multiple Vulnerabilities (Jan 2017 - 02) - Windows' (OID: 1.3.6.1.4.1.25623.1.0.108053). Vulnerability Insight: Multiple flaws are due to - A integer overflow in the phar_parse_pharfile function in ext/phar/phar.c via a truncated manifest entry in a PHAR archive. - A off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c via a crafted PHAR archive with an alias mismatch. Vulnerability Impact: Successfully exploiting this issue allow remote attackers to cause a denial of service (memory consumption or application crash). Affected Software/OS: PHP versions before 5.6.30 and 7.0.x before 7.0.15 Solution: Update to PHP version 5.6.30, 7.0.15 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-10159 BugTraq ID: 95774 http://www.securityfocus.com/bid/95774 Debian Security Information: DSA-3783 (Google Search) http://www.debian.org/security/2017/dsa-3783 https://security.gentoo.org/glsa/201702-29 RedHat Security Advisories: RHSA-2018:1296 https://access.redhat.com/errata/RHSA-2018:1296 http://www.securitytracker.com/id/1037659 Common Vulnerability Exposure (CVE) ID: CVE-2016-10160 BugTraq ID: 95783 http://www.securityfocus.com/bid/95783
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.