🕵️ CVE-2016-6289 | PHP up to 5.5.37/5.6.23/7.0.8 ZIP Archive TSRM/tsrm_virtual_cwd.c virtual_file_ex integer overflow (Nessus ID 119979 / ID 175796)
Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com
A vulnerability, which was classified as critical, has been found in PHP up to 5.5.37/5.6.23/7.0.8. Affected by this issue is the function virtual_file_ex
of the file TSRM/tsrm_virtual_cwd.c of the component ZIP Archive Handler. The manipulation leads to integer overflow.
This vulnerability is handled as CVE-2016-6289. The attack needs to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component. ...