View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-5772 severity moderate: SUSE including 318 source package names (apache2-mod_php5-5.2.14-0.7.30.89.1, apache2-mod_php5-5.5.14-68.1, …), 801 product×package rows across 22 product lines (SUSE Enterprise Storage 7.1, SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS, … (22 product lines)): Known Not Affected 508, Fixed 293.
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.