Signature Detail

HTTP: PHP Unserialize Multiple Remote Code Execution

This signature detects attempts to exploit a known vulnerability against PHP. A successful attack can lead to arbitrary code execution.

Extended Description

ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773.

Affected Products

• Php php 5.5.37
• Php php 5.6.0
• Php php 5.6.1
• Php php 5.6.10
• Php php 5.6.11
• Php php 5.6.12
• Php php 5.6.13
• Php php 5.6.14
• Php php 5.6.15
• Php php 5.6.16
• Php php 5.6.17
• Php php 5.6.18
• Php php 5.6.19
• Php php 5.6.2
• Php php 5.6.20
• Php php 5.6.21
• Php php 5.6.22
• Php php 5.6.23
• Php php 5.6.3
• Php php 5.6.4
• Php php 5.6.5
• Php php 5.6.6
• Php php 5.6.7
• Php php 5.6.8
• Php php 5.6.9
• Php php 7.0.0
• Php php 7.0.1
• Php php 7.0.2
• Php php 7.0.3
• Php php 7.0.4
• Php php 7.0.5
• Php php 7.0.8

References

• BugTraq: 91397
• BugTraq: 92094
• CVE: CVE-2016-6295
• CVE: CVE-2016-5773