CVE-2016-10712

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-10712
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10712.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-10712
Downstream
Related
Published
2018-02-09T06:29:00.210Z
Modified
2026-04-11T12:02:05.482087Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of streamgetmetadata can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = streamgetmetadata(fopen($file, "r"))['uri']" call mishandles the case where $file is data:text/plain;uri=eviluri, -- in other words, metadata can be set by an attacker.

Database specific 
{
    "unresolved_ranges": [
        {
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "14.04"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "16.04"
                }
            ]
        },
        {
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "17.10"
                }
            ]
        }
    ]
}
References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6c78ce66de2a9c4f872ae67b967a5c6e2a8f6c47
Introduced
fc1df8e7a6886e29a6ed5bef3f674ac61164e847
Last affected
e808a7687ecd82ea18d6a83cb1f003a84831c0e2
Introduced
60fffd296abce5fc071f3c173c25a2696cf683c6
Last affected
038c63cdea0472176ec2fdb162cfbd96e8c5f83e
Database specific 
{
    "cpe": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.5.31"
        },
        {
            "introduced": "5.6.0"
        },
        {
            "last_affected": "5.6.17"
        },
        {
            "introduced": "7.0.0"
        },
        {
            "last_affected": "7.0.2"
        }
    ]
}

Affected versions

Other
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
php-5.*
php-5.5.31
php-5.6.17
php-5.6.17RC1
php-7.*
php-7.0.2
php-7.0.2RC1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10712.json"