Intrusion Prevention

PHP.TAR.File.Parsing.Uninitialized.Reference

Description

This indicates an attack attempt to exploit an Uninitialized Reference vulnerability in PHP.
The vulnerability is due to the application attempts to access an uninitialized pointer and a local variable while processing a TAR file. A remote attacker may be able exploit this to execute arbitrary code within the context of a targeted server via a crafted TAR file.

Affected Products

PHP Group PHP prior to 5.5.36
PHP Group PHP prior to 5.6.22
PHP Group PHP prior to 7.0.7

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://php.net/releases/5_5_36.php

CVE References

CVE-2016-4343