CVE-2016-4071

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-4071
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-4071.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-4071
Downstream
Related
Published
2016-05-20T11:00:15.473Z
Modified
2025-11-14T05:26:22.672237Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Format string vulnerability in the phpsnmperror function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
038c63cdea0472176ec2fdb162cfbd96e8c5f83e
Last affected
11d102ebbcbbd008a6e50ddc65849dfcfb568da4
Last affected
2610d63a482e708ba28cf8e056f47412445a6c53
Last affected
29b4532f618973b80b6b7017b44139995dce697c
Last affected
2c2d0de09e522fe097bfcebfb758171eb6aa5270
Last affected
2c9b4e87a0bf3890a3f12d9929123f4e49d0b1f5
Last affected
2c9fcbabe8f7780c8566d9baddb5aae36fdce84b
Last affected
2f0d051bfd43315bedfff2de3137abd2c67741a6
Last affected
3156580a34b947e4325fdd165015904153790c39
Last affected
326ab8b147485eeb1ca023807272bc1994bcd7de
Last affected
3cb1be7a1b71f4a9f2852d471af0bbfef5308278
Last affected
4054ec69da7631046f19d54ab06f09728a208b8b
Last affected
40eea49f64cc8a4fab18313ee25a872fce784a15
Last affected
4217038ddb12f00824bc7c78db008ef6e2ca4484
Last affected
437f4b193310bdf8bc2c37ffb0f54a9b6ede28eb
Last affected
46370d548b7803ca38901fe5839e18a3ab93aab5
Last affected
4e1b8701573698f56e12672e4991d7e6239138d2
Last affected
523bb2473470242c9b167584247bf7c6b4bcb8d5
Last affected
54ffe6a3b77c34e1352611243b9347c9411e4014
Last affected
57e698d58263edeb5e15d78e0a968298f65a439f
Last affected
58a3e9586b96278b0a108b9c038b6174deba116b
Last affected
5b205c71a54b6a45c7c20c77020d8ec76a9b88ef
Last affected
60fffd296abce5fc071f3c173c25a2696cf683c6
Last affected
61249b01257929e96ce3e2ad7b9f0067a6c44aa4
Last affected
62cf13d3aa08b15107b02a0505a4f30142fa37b4
Last affected
6690cff375f5ffe4ba0e652f30b4b6ea8d35439f
Last affected
69797e81ed9917bb199d5cdc44fce6697493e1d2
Last affected
6c78ce66de2a9c4f872ae67b967a5c6e2a8f6c47
Last affected
6daaf1103b9ea36ecf04c5cffee9e8287fdf39c7
Last affected
7603abbc5186e276a5a68c6ef28d1728e4a37ec4
Last affected
7fb06ce4d388740d79e18b2a15b5ad5020f38a0f
Last affected
805934fef05d51649c98cd8dc6ee24c40458a47e
Last affected
82d537811cffa2851bae985b47b2ba91818f0c58
Last affected
8648f76bac2f78391a1539253f21d62f53d83022
Last affected
8eb2a1067ce478c035663c500bd74ec30731c494
Last affected
8eff5afaced13c9c30337c11da4920fc1d2394ce
Last affected
8f0acd6a9022e01f5c438c395eb619f34f89567e
Last affected
8f155eae867aacd79bec46391277100189d95a3a
Last affected
939409d36feb09b882d521ec9ceecce6999ab199
Last affected
945736ca4963570b1ca36251f232bc33f51f3329
Last affected
94eff14f26013d2be976036b288536d902b59971
Last affected
a2a22c46686604f07a06fc6805368c0c281f7808
Last affected
a54db3838f780628d898369c4cfcf41f5bded97c
Last affected
a7c3d28e89e0617c54bf567eaca94fb8dad5dfdb
Last affected
a856d8cc4f18ebd63c112a55f3de20602e7d12a3
Last affected
a964242f19ad029e57a62576f04e3cbab4795d03
Last affected
ae15e636e2b213bf748fa0b94ca95ac96d6eae3a
Last affected
b1ffeb3a7f320549cbb1873f85f0da18e9a5a6ce
Last affected
ba19ce3794fe734af2cc9597ac72e2b1be06852f
Last affected
c0ef5d57e354614f6019e84e1d7d5aaa907ccedb
Last affected
c37265eacdd0186cb3b0bfeb0e0104c8563807ef
Last affected
c48169cc31c6b263a4942295fa15f141ecf28cd5
Last affected
c5ffec0d344836909da4856ab0ef3d834e672312
Last affected
c9e5f38e5b62fb6e5b60fe0759f51ab137ae8fd6
Last affected
cb80afc366df74ec7ab701a853407a69cc148f5d
Last affected
d005ed9681d6797012570c4e32abb3abcdf3b72a
Last affected
d8e4dcdfd617f1c1c942db63527d1d3838ede7c4
Last affected
da76b1a87356695dfd9ce17c81801c3f8450a647
Last affected
dae8ff251c0cdbbb0640df8277edef050fdb8854
Last affected
dd8a40b23bf50b1c4aa3cdb62cfdb99eecdbbd4f
Last affected
df586243a3a8367d69f22990f1246dec4bbf437a
Last affected
e09845d32614a19188632f410316478fbb440ebd
Last affected
e7ed1f65c1add150c06b4c720df10546a53d6c9a
Last affected
e808a7687ecd82ea18d6a83cb1f003a84831c0e2
Last affected
e926a1a71b17555c621b7f193bcd6625c916de48
Last affected
e941690b242b0cbf63baed95d067eaf94a231165
Last affected
e971b92d4a3b3ca5b60a15b8c34d2abbf4b4173c
Last affected
ebbb592f6402b45da84c7725bc4131f36ed498b1
Last affected
effcb5a97358f01714bd833c8063a4a7abe9dff1
Last affected
f2722bdbc60403300a033ee8091a2da31f7c90c1
Last affected
f444b33ee87d3745c3cea948549ec9ed07c8c9c4
Last affected
f5751638dbd77136ce5c90e7d8bd090aa655c2a3
Last affected
f89ee8040a8b8d93981c9df85a79592ceac02f1f
Last affected
f8f85eb9d193452473a188ea216cda5f38fb766e
Last affected
f94c1df85fb004bb35091da5cebe730589a409b8
Last affected
fa6f9e100476fbdd65495524616a0373edb24f87

Affected versions

Other

NEWS
NEWS-cvs2svn
POST_64BIT_BRANCH_MERGE
POST_AST_MERGE
POST_NATIVE_TLS_MERGE
POST_PHP7_EREG_MYSQL_REMOVALS
POST_PHP7_NSAPI_REMOVAL
POST_PHP7_REMOVALS
POST_PHPNG_MERGE
PRE_64BIT_BRANCH_MERGE
PRE_AST_MERGE
PRE_NATIVE_TLS_MERGE
PRE_PHP7_EREG_MYSQL_REMOVALS
PRE_PHP7_NSAPI_REMOVAL
PRE_PHP7_REMOVALS
PRE_PHPNG_MERGE

php-5.*

php-5.3.23RC1
php-5.3.29
php-5.3.29RC1
php-5.4.30RC1
php-5.4.32RC1
php-5.4.4RC2
php-5.5.10
php-5.5.10RC1
php-5.5.11
php-5.5.11RC1
php-5.5.12
php-5.5.12RC1
php-5.5.13
php-5.5.13RC1
php-5.5.14
php-5.5.14RC1
php-5.5.15
php-5.5.15RC1
php-5.5.16
php-5.5.16RC1
php-5.5.17
php-5.5.17RC1
php-5.5.18
php-5.5.18RC1
php-5.5.19
php-5.5.19RC1
php-5.5.2
php-5.5.20
php-5.5.20RC1
php-5.5.21
php-5.5.21RC1
php-5.5.22
php-5.5.22RC1
php-5.5.23
php-5.5.23RC1
php-5.5.24
php-5.5.24RC1
php-5.5.25
php-5.5.25RC1
php-5.5.26
php-5.5.26RC1
php-5.5.27
php-5.5.27RC1
php-5.5.29
php-5.5.30
php-5.5.31
php-5.5.32
php-5.5.33
php-5.5.4
php-5.5.7
php-5.5.7RC1
php-5.5.8
php-5.5.8RC1
php-5.5.9
php-5.5.9RC1
php-5.6.0alpha1
php-5.6.0alpha2
php-5.6.0alpha3
php-5.6.0beta1
php-5.6.1
php-5.6.10
php-5.6.10RC1
php-5.6.11
php-5.6.11RC1
php-5.6.12
php-5.6.12RC1
php-5.6.13
php-5.6.13RC1
php-5.6.14
php-5.6.14RC1
php-5.6.15
php-5.6.15RC1
php-5.6.16
php-5.6.16RC1
php-5.6.17
php-5.6.17RC1
php-5.6.18
php-5.6.18RC1
php-5.6.19
php-5.6.19RC1
php-5.6.1RC1
php-5.6.3
php-5.6.3RC1
php-5.6.4
php-5.6.4RC1
php-5.6.5
php-5.6.5RC1
php-5.6.6
php-5.6.6RC1
php-5.6.7
php-5.6.7RC1
php-5.6.8
php-5.6.8RC1
php-5.6.9
php-5.6.9RC1

php-7.*

php-7.0.0
php-7.0.0RC1
php-7.0.0RC2
php-7.0.0RC3
php-7.0.0RC4
php-7.0.0RC5
php-7.0.0RC6
php-7.0.0RC7
php-7.0.0RC8
php-7.0.0alpha1
php-7.0.0alpha2
php-7.0.0beta1
php-7.0.0beta2
php-7.0.0beta3
php-7.0.1
php-7.0.1RC1
php-7.0.2
php-7.0.2RC1
php-7.0.3
php-7.0.3RC1
php-7.0.4
php-7.0.4RC1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-4071.json"