- Plesk 12.5 for Linux
- Plesk 12.0 for Linux
An integer wrap may occur in PHP 7.x when reading zip files with thegetFromindex() and getFromName() methods of ZipArchive, resulting in aheap overflow. This security issue got CVE-2016-3078 assigned. PHP 7 packaged by Plesk team is also affected.
Affected PHP version was already updated by vendor to include fixes this security issue. Plesk team also updated PHP in our package to close this security treat, fix is included in the recent Micro-Updates:
Plesk takes the security of our customers very seriously and encourages you to apply updates as soon as possible.