PHP CVE-2016-6294 Local Information Disclosure Vulnerability

PHP is prone to an local information-disclosure vulnerability.

Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Failed exploit attempts will result in a denial-of-service condition.

Information

Bugtraq ID: 92115
Class: Unknown
CVE: CVE-2016-6294

Remote: No
Local: Yes
Published: Jul 03 2016 12:00AM
Updated: Apr 22 2017 01:31AM
Credit: fernando
Vulnerable: PHP PHP 7.0.5
PHP PHP 7.0.3
PHP PHP 7.0
PHP PHP 5.6.22
PHP PHP 5.6.21
PHP PHP 5.6.20
PHP PHP 5.6.19
PHP PHP 5.6.18
PHP PHP 5.6.17
PHP PHP 5.6.13
PHP PHP 5.6.12
PHP PHP 5.6.11
PHP PHP 5.6.5
PHP PHP 5.6.4
PHP PHP 5.6.1
PHP PHP 5.6
PHP PHP 5.5.35
PHP PHP 5.5.34
PHP PHP 5.5.33
PHP PHP 5.5.32
PHP PHP 5.5.29
PHP PHP 5.5.28
PHP PHP 5.5.27
PHP PHP 5.5.26
PHP PHP 5.5.21
PHP PHP 5.5.14
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ S.u.S.E. Linux Personal 9.2
+ Turbolinux Turbolinux Server 10.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
PHP PHP 5.5.13
PHP PHP 5.5.12
PHP PHP 5.5.11
PHP PHP 5.5.10
PHP PHP 5.5.6
PHP PHP 5.5.5
PHP PHP 5.5.4
PHP PHP 5.5.3
PHP PHP 5.5.1
PHP PHP 5.5
PHP PHP 7.0.8
PHP PHP 7.0.7
PHP PHP 7.0.6
PHP PHP 7.0.4
PHP PHP 7.0.2
PHP PHP 7.0.1
PHP PHP 5.6.9
PHP PHP 5.6.8
PHP PHP 5.6.7
PHP PHP 5.6.6
PHP PHP 5.6.3
PHP PHP 5.6.23
PHP PHP 5.6.2
PHP PHP 5.6.14
PHP PHP 5.6.10
PHP PHP 5.5.9
PHP PHP 5.5.8
PHP PHP 5.5.7
PHP PHP 5.5.37
PHP PHP 5.5.36
PHP PHP 5.5.31
PHP PHP 5.5.30
PHP PHP 5.5.25
PHP PHP 5.5.24
PHP PHP 5.5.23
PHP PHP 5.5.22
PHP PHP 5.5.20
PHP PHP 5.5.2
PHP PHP 5.5.19
PHP PHP 5.5.18
PHP PHP 5.5.17
PHP PHP 5.5.16
PHP PHP 5.5.15
Oracle Secure Backup 10.4 1
Oracle Secure Backup 12.1.0.2.0
Oracle Secure Backup 12.1
Oracle Secure Backup 10.4.0.4.0
Oracle Secure Backup 10.3.0.3
Oracle Secure Backup 10.3.0.2
Oracle Secure Backup 10.3.0.1.0
Oracle Secure Backup 10.2.0.3
Oracle Secure Backup 10.2.0.2
Oracle Secure Backup 10.1.0.3
Oracle Secure Backup 10.1.0.2
Oracle Secure Backup 10.1.0.1
IBM Tealeaf Customer Experience on Cloud Network Capture Add-On 16.1.01
HP StoreEver MSL6480 Tape Library 4.90
HP StoreEver MSL6480 Tape Library 4.40
HP StoreEver MSL6480 Tape Library 4.10
Gentoo Linux
Apple Mac Os X 10.11.6

Not Vulnerable: PHP PHP 5.5.38
PHP PHP 7.0.9
PHP PHP 5.6.24
Oracle Secure Backup 12.1.0.3
HP StoreEver MSL6480 Tape Library 5.10
Apple macOS 10.12

References:

• Fix bug #72533 (locale_accept_from_http out-of-bounds access) (PHP)
  
• Mac OS X Homepage (Apple)
  
• PHP 5 ChangeLog (PHP)
  
• PHP 7 ChangeLog (PHP)
  
• PHP Homepage (PHP)
  
• Bug 1359811 - (CVE-2016-6294) CVE-2016-6294 php: Out-of-bounds access in locale (Bugzilla)
  
• #72533 locale_accept_from_http out-of-bounds access (PHP)
  
• HPSBST03671 rev.1 - HPE StoreEver MSL6480 Tape Library, Remote Unauthorized Disc (HP)
  
• Oracle Critical Patch Update Advisory - April 2017 (Oracle)
  
• swg21994534: Multiple security issues in IBM Tealeaf Customer Experience on Clou (IBM)
  

Source: www.securityfocus.com