CVE-2016-2554 (retired)

Priority
Description
Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x
before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a
denial of service (application crash) or possibly have unspecified other
impact via a crafted TAR archive.
Assigned-to
mdeslaur
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.6.18+dfsg-1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Patches:
Upstream:https://git.php.net/?p=php-src.git;a=commit;h=07c7df68bd68bbe706371fccc77c814ebb335d9e
Package
Upstream:released (7.0.3-1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (7.0.3-3)
More Information

Updated: 2019-09-19 15:57:37 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)