Type	Vendor	Product	Version/Range	Vulnerable?
Application	php	php	≤ 5.5.37	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.0	Yes
Application	php	php	5.6.1	Yes
Application	php	php	5.6.2	Yes
Application	php	php	5.6.3	Yes
Application	php	php	5.6.4	Yes
Application	php	php	5.6.5	Yes
Application	php	php	5.6.6	Yes
Application	php	php	5.6.7	Yes
Application	php	php	5.6.8	Yes
Application	php	php	5.6.9	Yes
Application	php	php	5.6.10	Yes
Application	php	php	5.6.11	Yes
Application	php	php	5.6.12	Yes
Application	php	php	5.6.13	Yes
Application	php	php	5.6.14	Yes
Application	php	php	5.6.15	Yes
Application	php	php	5.6.16	Yes
Application	php	php	5.6.17	Yes
Application	php	php	5.6.18	Yes
Application	php	php	5.6.19	Yes
Application	php	php	5.6.20	Yes
Application	php	php	5.6.21	Yes
Application	php	php	5.6.22	Yes
Application	php	php	5.6.23	Yes
Application	php	php	7.0.0	Yes
Application	php	php	7.0.1	Yes
Application	php	php	7.0.2	Yes
Application	php	php	7.0.3	Yes
Application	php	php	7.0.4	Yes
Application	php	php	7.0.5	Yes
Application	php	php	7.0.8	Yes

• http://fortiguard.com/advisory/fortinet-discovers-php-stack-based-buffer-overflow-vulnerabilities Third Party Advisory ([email protected])
• http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0218acb7e756a469099c4ccfb22bce6c2bd1ef87 ([email protected])
• http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html ([email protected])
• http://openwall.com/lists/oss-security/2016/07/24/2 Mailing List ([email protected])
• http://php.net/ChangeLog-5.php Release Notes ([email protected])
• http://php.net/ChangeLog-7.php Release Notes ([email protected])
• http://rhn.redhat.com/errata/RHSA-2016-2750.html ([email protected])
• http://www.debian.org/security/2016/dsa-3631 ([email protected])
• http://www.securityfocus.com/bid/92074 Third Party Advisory, VDB Entry ([email protected])
• http://www.securitytracker.com/id/1036430 ([email protected])
• https://bugs.php.net/72513 Exploit, Issue Tracking, Mitigation, Third Party Advisory ([email protected])
• https://security.gentoo.org/glsa/201611-22 ([email protected])
• https://support.apple.com/HT207170 ([email protected])
• http://fortiguard.com/advisory/fortinet-discovers-php-stack-based-buffer-overflow-vulnerabilities Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
• http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0218acb7e756a469099c4ccfb22bce6c2bd1ef87 (af854a3a-2127-422b-91ae-364da2661108)
• http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html (af854a3a-2127-422b-91ae-364da2661108)
• http://openwall.com/lists/oss-security/2016/07/24/2 Mailing List (af854a3a-2127-422b-91ae-364da2661108)
• http://php.net/ChangeLog-5.php Release Notes (af854a3a-2127-422b-91ae-364da2661108)
• http://php.net/ChangeLog-7.php Release Notes (af854a3a-2127-422b-91ae-364da2661108)
• http://rhn.redhat.com/errata/RHSA-2016-2750.html (af854a3a-2127-422b-91ae-364da2661108)
• http://www.debian.org/security/2016/dsa-3631 (af854a3a-2127-422b-91ae-364da2661108)
• http://www.securityfocus.com/bid/92074 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
• http://www.securitytracker.com/id/1036430 (af854a3a-2127-422b-91ae-364da2661108)
• https://bugs.php.net/72513 Exploit, Issue Tracking, Mitigation, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
• https://security.gentoo.org/glsa/201611-22 (af854a3a-2127-422b-91ae-364da2661108)
• https://support.apple.com/HT207170 (af854a3a-2127-422b-91ae-364da2661108)