{"id":"CVE-2016-7411","details":"ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.","modified":"2026-03-15T22:11:20.947919Z","published":"2016-09-17T21:59:02.573Z","related":["MGASA-2016-0319","SUSE-SU-2016:2459-1","SUSE-SU-2016:2461-1","SUSE-SU-2016:2477-1","SUSE-SU-2016:2477-2"],"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1036836"},{"type":"WEB","url":"http://www.securityfocus.com/bid/93009"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201611-22"},{"type":"ADVISORY","url":"http://www.php.net/ChangeLog-5.php"},{"type":"REPORT","url":"https://bugs.php.net/bug.php?id=73052"},{"type":"FIX","url":"https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2016/09/15/10"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"0"},{"last_affected":"e37064dae4a80c70405899bb591969bbe6aad9a8"},{"fixed":"6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.6.25"}]}}],"versions":["NEWS","NEWS-cvs2svn","php-5.3.23RC1","php-5.3.29","php-5.3.29RC1","php-5.4.30RC1","php-5.4.32RC1","php-5.4.4RC2","php-5.5.24RC1","php-5.6.18RC1","php-5.6.19RC1","php-5.6.22RC1","php-5.6.23RC1","php-5.6.24RC1","php-5.6.25","php-5.6.25RC1"],"database_specific":{"vanir_signatures":[{"deprecated":false,"target":{"file":"ext/standard/var_unserializer.c","function":"php_var_unserialize"},"digest":{"function_hash":"197201877932423095753011497744349995199","length":17379},"source":"https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43","signature_type":"Function","id":"CVE-2016-7411-4e3db367","signature_version":"v1"},{"deprecated":false,"target":{"file":"ext/standard/var_unserializer.c"},"digest":{"threshold":0.9,"line_hashes":["55005567468369368611164292450108655693","246272479898581294141415195713097288047","34485600507217702948409028682773263832","278547630791718218670873286455277713422","222456299962666884299276629321257473395","35291727437046760115314802880980306756","287067800058502421881414060793509803309","101784501276207766053882859089922867928","253939511003497259484369218287725169133","28854856498294819377545712021783898922","161166060838058096464842347185669553186","181474367725330236228627936428828780565","113005512450879757736920393970994251271","241505157048853268832102262950265781146","3594293359148188515499023312328676559","317880390176243499692135436385246080583","193970513563683429955243105150124714990","151525721448960007540581829422163253235","131619494778740792699116875231065282177","97078834316856778775959232843576759181","39647817218741847542493274976240534278","53399692971528912546978676753717806626","50321455944084839922867595985294632014","76363062086928298842568899046488648244","121310170061323753236667896826891593092","128955705140024659375197012355314907405","289759661604433454892482221109081143288","77796733071524313036015902594018077902","211886261311299517599288686036131535765","257905796037664936509332609224677800107","294719735237860765637398476327416445721","30186544984719627458477278072339516591","305441068158222162468294533060927179439","151559251473969236755467963490763668964","206609771344544808170079111675682436404","211515191059197277653918413978053682008","95443189681889067216406488785871226590","308046673847943158751923679736638257672","218859814643344679439682269398062972195","277291754795743228726504095839603148340","194262397844047861045831855113705642502","290024242022507585635296317920801467716","311167309118150055281572606216470766031","330413520066767310680612636428544264413","230474108440533835333684094958823056084","311257223181405248642002688951091133607","24144217229067952620893299293690797341","329321316663444951586907489049270244205","136648458098552707076569962137057554508","82760673428223954557907961665546461370","231215910029773123735548606864243223410","155839203016380286836257821256683757584","176629366749378689263014647448583282832","53266342243385612284074029149335532682","23694691058495523090077191577542601144","150274809359088780602000372262436512070","12487622487621764019102559827094360717","47781428044270170749059019373248861671","54273705678320978012838035296399311828","179794101545447039629168546290399163481","249475901685196263829271550987507219396","317605472097912216777276923192795288090","24579401128674852397992670066738973964","1854016455055092506071419626528115352","134168355472264967570266788995525914741","263222419994646199297841877693260588443","320231330622748172812437813276035096047","255725133322402644474336621799037170610","269359942060036654764862195073508939172","297964171743260663501010808886629588488","337636376025793233532488051128922728120","145284742622917905257553948364815146187","210472830864426651601698575483131339672","275915474511306188687583608935975887020","243961518786470081839207540806906918506","285299313028876497852273669209173833","187734228061571723413972040309685766688","243258424090245420339006281115630598526","308504603051266190607283646063077786272","122826297022855562295195540654569735301","332176875234483346258249651027821994726","251345270070948803649407850518045144912","141690066428905485990073034514404723267","240889254644274709379433592536123696023","119958680353381827621805632412498437634","50518464435721013707919341030016996650","56253076259826668724418967402968895253","53379192866757622336511509513884239024","150696814693602207726377780430234084224","133442979430562036665962443127864315173","90400745467137888392261426847917185848","111664045586250202426077714417272175202","52745000606477910756160017957810204591","51388981653003571918957703208683824275","220842215606896123331208628535140840845","213130249033199032046794315182446528821","198848032088164164842610262148194913184","217234025122291971479387091720116050043","48321505421424209326462008918037663437","310674237259908621624993214360276582444","47688906624705284611146428620712817051","313570138683617402028941989883696069615","325169024165300323148198388953566181754","322407698099982339444906360000862459888","15870367119770213525165174176275302103","19315970461890823688547745879354936582","83957370982233078642358265407006918363","5054797208326398475430903325449572218","89200285419740357544164914365775158142","165533313376618712400587195006111190580","195106869869900706566048242934186007141","313665715046923223985413781374347826368","67359400705853892981826238089652335934","133568321140615378063136281284471376761","179959986549877895638117203607717438681","52517111705528323124995868428434206605","324631387007369028660060934811745335097","68632674874864205532735732825981601566","114252392422215708369766956664663245574","217700298932011312419715712097098716932","128137643549413381108879600176764217678","308838117747157307222935522133103533577","463303861336674666643253306916977490","185634801050596730427157755406483480165","324221861419028180721437023182991746805"]},"source":"https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43","signature_type":"Line","id":"CVE-2016-7411-dbd32cdf","signature_version":"v1"},{"deprecated":false,"target":{"file":"ext/standard/var_unserializer.c","function":"object_common2"},"digest":{"function_hash":"150567426693144971353226408083285206335","length":897},"source":"https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43","signature_type":"Function","id":"CVE-2016-7411-de0ce1d8","signature_version":"v1"},{"deprecated":false,"target":{"file":"Zend/zend_objects_API.c"},"digest":{"threshold":0.9,"line_hashes":["128864551113351862900506164399088993545","19298251420475046602189816513773744015","4484577886989682523671866163858172222","236040157415594621944818356707533437887","104717128424993184406260918563436280355","127821859003941900418467277861989027831","25057723501374932745851002821459632518"]},"source":"https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43","signature_type":"Line","id":"CVE-2016-7411-df346122","signature_version":"v1"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7411.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}