Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2016-3078

Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.487
EPSS Ranking 97.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2016-3078
  • Php » Php » Version: 7.0.0
    cpe:2.3:a:php:php:7.0.0
  • Php » Php » Version: 7.0.1
    cpe:2.3:a:php:php:7.0.1
  • Php » Php » Version: 7.0.2
    cpe:2.3:a:php:php:7.0.2
  • Php » Php » Version: 7.0.3
    cpe:2.3:a:php:php:7.0.3
  • Php » Php » Version: 7.0.4
    cpe:2.3:a:php:php:7.0.4
  • Php » Php » Version: 7.0.5
    cpe:2.3:a:php:php:7.0.5


Contact Us

Shodan ® - All rights reserved