U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2016-5772

Change History

Modified Analysis by NIST 7/20/2022 12:49:55 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:php:php:5.5.36:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*
OR
     *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to (excluding) 5.5.37
     *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions from (including) 5.6.0 up to (excluding) 5.6.23
     *cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions from (including) 7.0.0 up to (excluding) 7.0.8
Removed CVSS V3
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

								
						
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Changed Reference Type
http://github.com/php/php-src/commit/a44c89e8af7c2410f4bfc5e097be2a5d0639a60c?w=1 No Types Assigned
http://github.com/php/php-src/commit/a44c89e8af7c2410f4bfc5e097be2a5d0639a60c?w=1 Patch, Third Party Advisory
Changed Reference Type
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html No Types Assigned
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html Broken Link, Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html Mailing List, Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html Mailing List, Third Party Advisory
Changed Reference Type
http://php.net/ChangeLog-5.php Patch, Release Notes
http://php.net/ChangeLog-5.php Patch, Release Notes, Vendor Advisory
Changed Reference Type
http://php.net/ChangeLog-7.php Release Notes
http://php.net/ChangeLog-7.php Release Notes, Vendor Advisory
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-2750.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-2750.html Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2016/dsa-3618 No Types Assigned
http://www.debian.org/security/2016/dsa-3618 Third Party Advisory
Changed Reference Type
http://www.openwall.com/lists/oss-security/2016/06/23/4 Release Notes
http://www.openwall.com/lists/oss-security/2016/06/23/4 Mailing List, Patch, Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/91398 No Types Assigned
http://www.securityfocus.com/bid/91398 Third Party Advisory, VDB Entry
Changed Reference Type
https://bugs.php.net/bug.php?id=72340 Exploit, Issue Tracking
https://bugs.php.net/bug.php?id=72340 Exploit, Issue Tracking, Vendor Advisory
Changed Reference Type
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 No Types Assigned
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 Third Party Advisory
Changed Reference Type
https://support.apple.com/HT207170 No Types Assigned
https://support.apple.com/HT207170 Third Party Advisory