vulnerability
PHP Vulnerability: CVE-2016-3171
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Apr 12, 2016 | Sep 30, 2019 | Nov 27, 2024 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Apr 12, 2016
Added
Sep 30, 2019
Modified
Nov 27, 2024
Description
Drupal 6.x before 6.38, when used with PHP before 5.4.45, 5.5.x before 5.5.29, or 5.6.x before 5.6.13, might allow remote attackers to execute arbitrary code via vectors related to session data truncation.
Solutions
php-upgrade-5_4_45php-upgrade-5_5_29php-upgrade-5_6_13
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.