National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2016-9935

Change History

Initial Analysis - 1/5/2017 1:39:20 PM

Action Type Old Value New Value
Changed Reference Type
http://www.openwall.com/lists/oss-security/2016/12/12/2 No Types Assigned
http://www.openwall.com/lists/oss-security/2016/12/12/2 Third Party Advisory
Changed Reference Type
http://www.php.net/ChangeLog-5.php No Types Assigned
http://www.php.net/ChangeLog-5.php Release Notes, Vendor Advisory
Changed Reference Type
http://www.php.net/ChangeLog-7.php No Types Assigned
http://www.php.net/ChangeLog-7.php Release Notes, Vendor Advisory
Changed Reference Type
https://bugs.php.net/bug.php?id=73631 No Types Assigned
https://bugs.php.net/bug.php?id=73631 Vendor Advisory
Changed Reference Type
https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0 No Types Assigned
https://github.com/php/php-src/commit/66fd44209d5ffcb9b3d1bc1b9fd8e35b485040c0 Vendor Advisory, Patch
Added CWE
CWE-125
Added CVSS V2
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added CVSS V3
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CPE Configuration
OR
     *cpe:2.3:a:php:php:5.6.28:*:*:*:*:*:*:* (and previous)
     *cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.13:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*
     *cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*