Your submission was sent successfully! Close

CVE-2016-3185

Published: 22 March 2016

The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.

Notes

AuthorNote
mdeslaur
bug 71610 is for basically same issue as 70081 that got reverted
by mistake at some point. This CVE is for the first second part
of bug 70081.
See CVE-2015-8835 for the first part.
Priority

Medium

CVSS 3 base score: 7.1

Status

Package Release Status
php5
Launchpad, Ubuntu, Debian
precise
Released (5.3.10-1ubuntu3.22)
trusty
Released (5.5.9+dfsg-1ubuntu4.16)
upstream
Released (5.6.12)
wily
Released (5.6.11+dfsg-1ubuntu3.2)
xenial Does not exist

Patches:
upstream: http://git.php.net/?p=php-src.git;a=commit;h=c96d08b27226193dd51f2b50e84272235c6aaa69

php7.0
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream
Released (7.0.4)
wily Does not exist

xenial Not vulnerable
(7.0.4-5ubuntu2)
Patches:

upstream: https://git.php.net/?p=php-src.git;a=commit;h=eaf4e77190d402ea014207e9a7d5da1a4f3727ba