Intrusion Prevention

PHP.ZipArchive.getFromIndex.getFromName.Integer.Overflow

Description

This indicates an attack attempt to exploit an Integer Overflow vulnerability in PHP.
The vulnerability is due to a numeric error in the application when handling malicious requests. A remote attacker may be able exploit this via crafted requests to execute arbitrary codes with the current privileges of the running web server.

Affected Products

PHP Group PHP prior to 7.0.6

Impact

-System Compromise: Remote attackers can execute arbitrary code within the context of a targeted web server.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://bugs.php.net/bug.php?id=71923

CVE References

CVE-2016-3078

Other References

71923 1035701