{"id":"CVE-2016-3078","details":"Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class.","modified":"2026-04-11T04:02:05.374705Z","published":"2016-08-07T10:59:02.757Z","references":[{"type":"ADVISORY","url":"https://php.net/ChangeLog-7.php"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2016-3078"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1035701"},{"type":"REPORT","url":"https://bugs.php.net/bug.php?id=71923"},{"type":"FIX","url":"https://github.com/php/php-src/commit/3b8d4de300854b3517c7acb239b84f7726c1353c?w=1"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/39742/"},{"type":"EVIDENCE","url":"http://www.openwall.com/lists/oss-security/2016/04/28/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"60fffd296abce5fc071f3c173c25a2696cf683c6"},{"fixed":"734a5fca2c4731e34eca551f28be9a10ffc3f3c9"},{"fixed":"3b8d4de300854b3517c7acb239b84f7726c1353c"}],"database_specific":{"versions":[{"introduced":"7.0.0"},{"fixed":"7.0.6"}]}}],"database_specific":{"vanir_signatures":[{"target":{"file":"ext/zip/php_zip.c"},"signature_version":"v1","source":"https://github.com/php/php-src/commit/3b8d4de300854b3517c7acb239b84f7726c1353c","signature_type":"Line","id":"CVE-2016-3078-4b3a61bd","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["193834782511832635126460315008502649908","122701032404794599140100292209662573895","305997671698898631509667006704042414636","199880202858721550022649770427341030569","138951393611278878555268921097277489425","136890833185091162244737598814651851569","30058069426566830036519766740381670483","240539720814655648509524591137719963333"]}},{"target":{"function":"PHP_NAMED_FUNCTION","file":"ext/zip/php_zip.c"},"signature_version":"v1","source":"https://github.com/php/php-src/commit/3b8d4de300854b3517c7acb239b84f7726c1353c","signature_type":"Function","id":"CVE-2016-3078-d5cc51d3","deprecated":false,"digest":{"length":623,"function_hash":"236365680313424228371521953091843272237"}},{"target":{"function":"php_zip_get_from","file":"ext/zip/php_zip.c"},"signature_version":"v1","source":"https://github.com/php/php-src/commit/3b8d4de300854b3517c7acb239b84f7726c1353c","signature_type":"Function","id":"CVE-2016-3078-e389ffa9","deprecated":false,"digest":{"length":1059,"function_hash":"62722076856804002345561822430900202743"}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3078.json","vanir_signatures_modified":"2026-04-11T04:02:05Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}