vulnerability
FreeBSD: VID-1b61ecef-cdb9-11e6-a9a5-b499baebfeaf (CVE-2016-7479): PHP -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Dec 29, 2016 | Dec 30, 2016 | Dec 10, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Dec 29, 2016
Added
Dec 30, 2016
Modified
Dec 10, 2025
Description
Check Point reports: ... discovered 3 fresh and previously unknown vulnerabilities (CVE-2016-7479, CVE-2016-7480, CVE-2016-7478) in the PHP 7 unserialize mechanism. The first two vulnerabilities allow attackers to take full control over servers, allowing them to do anything they want with the website, from spreading malware to defacing it or stealing customer data. The last vulnerability generates a Denial of Service attack which basically hangs the website, exhausts its memory consumption, and shuts it down. The PHP security team issued fixes for two of the vulnerabilities on the 13th of October and 1st of December.
Solution
freebsd-upgrade-package-php70
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.