#VU524 Arbitrary code execution in PHP


Published: 2016-09-19

Vulnerability identifier: #VU524

Vulnerability risk: High

CVSSv3.1:

CVE-ID: CVE-2016-7412

CWE-ID: CWE-284

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
PHP
Universal components / Libraries / Scripting languages

Vendor: PHP Group

Description
The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by heap overflow during handling of BIT fields in mysqlnd that allows a malicious user to execute arbitrary code.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation
Update to 5.6.26.
http://php.net/ChangeLog-5.php#5.6.26
Update to 7.0.11.
http://php.net/ChangeLog-7.php#7.0.11

Vulnerable software versions

PHP: 5.6.26, 7.0.11

CPE

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability


Red Hat update for php
SUSE Linux update for php5
Arbitrary code execution in php (Alpine package)
OpenSUSE Linux update for php5
SUSE Linux update for php5
SUSE Linux update for php53
SUSE Linux update for php53
OpenSUSE Linux update for php5
Slackware Linux update for php
Arch Linux update for php