vulnerability

SUSE: CVE-2016-5768: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jul 20, 2016
Added
Jul 26, 2016
Modified
Feb 4, 2022

Description

Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception.

Solutions

suse-upgrade-apache2-mod_php5suse-upgrade-php5suse-upgrade-php5-bcmathsuse-upgrade-php5-bz2suse-upgrade-php5-calendarsuse-upgrade-php5-ctypesuse-upgrade-php5-curlsuse-upgrade-php5-dbasuse-upgrade-php5-develsuse-upgrade-php5-domsuse-upgrade-php5-enchantsuse-upgrade-php5-exifsuse-upgrade-php5-fastcgisuse-upgrade-php5-fileinfosuse-upgrade-php5-fpmsuse-upgrade-php5-ftpsuse-upgrade-php5-gdsuse-upgrade-php5-gettextsuse-upgrade-php5-gmpsuse-upgrade-php5-iconvsuse-upgrade-php5-imapsuse-upgrade-php5-intlsuse-upgrade-php5-jsonsuse-upgrade-php5-ldapsuse-upgrade-php5-mbstringsuse-upgrade-php5-mcryptsuse-upgrade-php5-mysqlsuse-upgrade-php5-odbcsuse-upgrade-php5-opcachesuse-upgrade-php5-opensslsuse-upgrade-php5-pcntlsuse-upgrade-php5-pdosuse-upgrade-php5-pearsuse-upgrade-php5-pgsqlsuse-upgrade-php5-pharsuse-upgrade-php5-posixsuse-upgrade-php5-pspellsuse-upgrade-php5-shmopsuse-upgrade-php5-snmpsuse-upgrade-php5-soapsuse-upgrade-php5-socketssuse-upgrade-php5-sqlitesuse-upgrade-php5-suhosinsuse-upgrade-php5-sysvmsgsuse-upgrade-php5-sysvsemsuse-upgrade-php5-sysvshmsuse-upgrade-php5-tokenizersuse-upgrade-php5-wddxsuse-upgrade-php5-xmlreadersuse-upgrade-php5-xmlrpcsuse-upgrade-php5-xmlwritersuse-upgrade-php5-xslsuse-upgrade-php5-zipsuse-upgrade-php5-zlib

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today