CVE-2016-5873: Buffer Overflow
First published: Mon Jan 23 2017(Updated: )
Buffer overflow in the HTTP URL parsing functions in pecl_http before 3.0.1 might allow remote attackers to execute arbitrary code via non-printable characters in a URL.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Php Pecl Http | <=3.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2016/06/29/1
- http://www.openwall.com/lists/oss-security/2016/06/29/4
- http://www.securityfocus.com/bid/95863
- https://bugs.php.net/bug.php?id=71719
- https://github.com/m6w6/ext-http/commit/3724cd76a28be1d6049b5537232e97ac
- https://pecl.php.net/package/pecl_http/3.0.1
- https://security.gentoo.org/glsa/201612-17
- https://security.netapp.com/advisory/ntap-20180112-0001/
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/event
- agent/description
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/php
- canonical/php pecl http
- version/php pecl http/3.0.1