CVE-2016-7418

Source
https://nvd.nist.gov/vuln/detail/CVE-2016-7418
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-7418.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-7418
Downstream
Related
Published
2016-09-17T21:59:10Z
Modified
2025-10-15T08:25:21.793454Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddxdeserialize call.

References

Affected packages

Git / github.com/php/php-src

Affected ranges

Type
GIT
Repo
https://github.com/php/php-src
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

NEWS
NEWS-cvs2svn

php-5.*

php-5.3.23RC1
php-5.3.29
php-5.3.29RC1
php-5.4.30RC1
php-5.4.32RC1
php-5.4.4RC2
php-5.5.24RC1
php-5.6.18RC1
php-5.6.19RC1
php-5.6.22RC1
php-5.6.23RC1
php-5.6.24RC1

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29",
        "signature_version": "v1",
        "target": {
            "function": "php_wddx_push_element",
            "file": "ext/wddx/wddx.c"
        },
        "digest": {
            "function_hash": "301755387465239169747237975694531964431",
            "length": 4854.0
        },
        "id": "CVE-2016-7418-760e79e7"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "source": "https://github.com/php/php-src/commit/c4cca4c20e75359c9a13a1f9a36cb7b4e9601d29",
        "signature_version": "v1",
        "target": {
            "file": "ext/wddx/wddx.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "308694738579821330575113088819953920852",
                "84685106283968628504680174502681186750",
                "211346454573652685734979468850567577816",
                "18489613605778186720515946013870429298",
                "249598479934599620074032434067904094637",
                "15983837247249289812712296581946220790",
                "324664599945258097417736163646327943350",
                "136356109348485930596258890158835077254",
                "27052967596267270576444515664299000484",
                "204386543369611475760358364132751115204",
                "210067127343357516321561959327529389397",
                "336428203481456014216272231594019601213",
                "218660437309276509347849730681931299111",
                "47587827024300610377702192824979977266",
                "108112416631527217460140097544647415290",
                "174749150332282443750440209917291064153",
                "58039656399573981131841824752074006686",
                "193234765473047900801339128086207549659",
                "332613737563562772784506183104791857778",
                "282220600908517069566001490611677413494",
                "144261495474165999922135191429869395205",
                "119831470993581856570386852775908731078",
                "4293155750088484306679532266909695460",
                "171322702806979196618087965127779297756",
                "91635138978443424222239518240134551202",
                "291825211060746831943962194003986966104",
                "174062326053673189029702070890453612045",
                "284827188498645453215671116196214305846",
                "23465117317755467644845650613445216244",
                "222850536836707307193417947187898618565",
                "217815023334364138222218364120377904306",
                "255372112077290822634886472988781142970",
                "55128966905359705429461440335881369597",
                "216781671013480326658757297888782661620",
                "99412707763629256313032685967627343200",
                "42672048477788047917688512924494305538"
            ]
        },
        "id": "CVE-2016-7418-9c7c3b2c"
    }
]