U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2016-5770

Change History

Modified Analysis by NIST 7/20/2022 12:54:27 PM

Action Type Old Value New Value
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Removed CVSS V3
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

								
						
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.37
     *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions from (including) 5.6.0 up to (excluding) 5.6.23
     *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions from (including) 7.0.0 up to (excluding) 7.0.8
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Removed CPE Configuration
OR
     *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to (including) 5.5.36
     *cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*

								
						
Changed Reference Type
http://github.com/php/php-src/commit/7245bff300d3fa8bacbef7897ff080a6f1c23eba?w=1 No Types Assigned
http://github.com/php/php-src/commit/7245bff300d3fa8bacbef7897ff080a6f1c23eba?w=1 Patch, Third Party Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html Broken Link, Mailing List
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html Mailing List, Third Party Advisory
Changed Reference Type
http://php.net/ChangeLog-5.php Patch, Release Notes
http://php.net/ChangeLog-5.php Patch, Release Notes, Vendor Advisory
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-2750.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-2750.html Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2016/dsa-3618 No Types Assigned
http://www.debian.org/security/2016/dsa-3618 Third Party Advisory
Changed Reference Type
http://www.openwall.com/lists/oss-security/2016/06/23/4 Release Notes
http://www.openwall.com/lists/oss-security/2016/06/23/4 Mailing List, Patch, Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/91403 No Types Assigned
http://www.securityfocus.com/bid/91403 Third Party Advisory, VDB Entry
Changed Reference Type
https://bugs.php.net/bug.php?id=72262 No Types Assigned
https://bugs.php.net/bug.php?id=72262 Exploit, Issue Tracking, Vendor Advisory
Changed Reference Type
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 No Types Assigned
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 Third Party Advisory
Changed Reference Type
https://support.apple.com/HT207170 No Types Assigned
https://support.apple.com/HT207170 Third Party Advisory