CVE-2016-4538

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the zero, one, or two global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.

Published: May 22, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-4538
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
php / php	5.6.1	5.6.1.x
php / php	5.6.5	5.6.5.x
php / php	7.0.4	7.0.4.x
php / php	5.6.12	5.6.12.x
php / php	5.6.13	5.6.13.x
php / php	5.6.0	5.6.0.x
php / php	5.6.4	5.6.4.x
php / php	7.0.3	7.0.3.x
php / php	5.6.6	5.6.6.x
php / php	7.0.1	7.0.1.x
php / php	5.6.18	5.6.18.x
php / php	5.6.11	5.6.11.x
php / php	5.6.2	5.6.2.x
php / php	5.6.10	5.6.10.x
php / php	-	5.5.33.x
php / php	5.6.7	5.6.7.x
php / php	5.6.15	5.6.15.x
php / php	5.6.20	5.6.20.x
php / php	7.0.2	7.0.2.x
php / php	5.6.17	5.6.17.x
php / php	5.6.16	5.6.16.x
php / php	5.6.9	5.6.9.x
php / php	7.0.5	7.0.5.x
php / php	5.6.3	5.6.3.x
php / php	7.0.0	7.0.0.x
php / php	5.6.8	5.6.8.x
php / php	5.6.14	5.6.14.x
php / php	5.6.19	5.6.19.x
fedoraproject / fedora	24	24.x
opensuse / leap	42.1	42.1.x

Vulnerability Database

289,697

CVE-2016-4538