Type	Vendor	Product	Version/Range	Vulnerable?
Application	php	php	≤ 5.5.36	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.1	Yes
Application	php	php	5.6.2	Yes
Application	php	php	5.6.3	Yes
Application	php	php	5.6.4	Yes
Application	php	php	5.6.5	Yes
Application	php	php	5.6.6	Yes
Application	php	php	5.6.7	Yes
Application	php	php	5.6.8	Yes
Application	php	php	5.6.9	Yes
Application	php	php	5.6.10	Yes
Application	php	php	5.6.11	Yes
Application	php	php	5.6.12	Yes
Application	php	php	5.6.13	Yes
Application	php	php	5.6.14	Yes
Application	php	php	5.6.15	Yes
Application	php	php	5.6.16	Yes
Application	php	php	5.6.17	Yes
Application	php	php	5.6.18	Yes
Application	php	php	5.6.19	Yes
Application	php	php	5.6.20	Yes
Application	php	php	5.6.21	Yes
Application	php	php	5.6.22	Yes
Application	php	php	7.0.0	Yes
Application	php	php	7.0.1	Yes
Application	php	php	7.0.2	Yes
Application	php	php	7.0.3	Yes
Application	php	php	7.0.4	Yes
Application	php	php	7.0.5	Yes
Application	php	php	7.0.6	Yes
Application	php	php	7.0.7	Yes

• http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1 ([email protected])
• http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html ([email protected])
• http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html ([email protected])
• http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html ([email protected])
• http://php.net/ChangeLog-5.php Patch, Release Notes ([email protected])
• http://php.net/ChangeLog-7.php Release Notes ([email protected])
• http://rhn.redhat.com/errata/RHSA-2016-2598.html ([email protected])
• http://rhn.redhat.com/errata/RHSA-2016-2750.html ([email protected])
• http://www.debian.org/security/2016/dsa-3618 ([email protected])
• http://www.openwall.com/lists/oss-security/2016/06/23/4 Release Notes ([email protected])
• http://www.securityfocus.com/bid/91396 ([email protected])
• https://bugs.php.net/bug.php?id=72402 Exploit, Vendor Advisory ([email protected])
• https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 ([email protected])
• https://support.apple.com/HT207170 ([email protected])
• http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1 (af854a3a-2127-422b-91ae-364da2661108)
• http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html (af854a3a-2127-422b-91ae-364da2661108)
• http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html (af854a3a-2127-422b-91ae-364da2661108)
• http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html (af854a3a-2127-422b-91ae-364da2661108)
• http://php.net/ChangeLog-5.php Patch, Release Notes (af854a3a-2127-422b-91ae-364da2661108)
• http://php.net/ChangeLog-7.php Release Notes (af854a3a-2127-422b-91ae-364da2661108)
• http://rhn.redhat.com/errata/RHSA-2016-2598.html (af854a3a-2127-422b-91ae-364da2661108)
• http://rhn.redhat.com/errata/RHSA-2016-2750.html (af854a3a-2127-422b-91ae-364da2661108)
• http://www.debian.org/security/2016/dsa-3618 (af854a3a-2127-422b-91ae-364da2661108)
• http://www.openwall.com/lists/oss-security/2016/06/23/4 Release Notes (af854a3a-2127-422b-91ae-364da2661108)
• http://www.securityfocus.com/bid/91396 (af854a3a-2127-422b-91ae-364da2661108)
• https://bugs.php.net/bug.php?id=72402 Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
• https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 (af854a3a-2127-422b-91ae-364da2661108)
• https://support.apple.com/HT207170 (af854a3a-2127-422b-91ae-364da2661108)