CVE-2016-5093

HIGH Year: 2016
CVSS v3 Score
8.6
High
CVSS v2 Score
7.5
High
Weakness Type
CWE-125
View all →

Vulnerability Description

The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call.

Related Vulnerabilities

CVE-2019-5098

HIGH
CVSS:8.6(High)

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can prov...

CWE-1252019

CVE-2019-5124

HIGH
CVSS:8.6(High)

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a ...

CWE-1252019

CVE-2019-5146

HIGH
CVSS:8.6(High)

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a ...

CWE-1252019

CVE-2019-5147

HIGH
CVSS:8.6(High)

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a s...

CWE-1252019

CVE-2019-5254

HIGH
CVSS:8.6(High)

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG...

CWE-1252019

CVE-2020-3298

HIGH
CVSS:8.6(High)

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticat...

CWE-1252020