QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2011-4885

Back to search

CVE-2011-4885

Published: Dec 30, 2011

Modified: Aug 7, 2024

PUBLISHED

Description

PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

VendorProductVersions

n/a

n/a

affected
n/a

References

HPSBMU02786
vendor-advisory
x_refsource_HP
1026473
vdb-entry
x_refsource_SECTRACK
47404
third-party-advisory
x_refsource_SECUNIA
HPSBOV02763
vendor-advisory
x_refsource_HP
php-hash-dos(72021)
vdb-entry
x_refsource_XF
18296
exploit
x_refsource_EXPLOIT-DB
DSA-2399
vendor-advisory
x_refsource_DEBIAN
SUSE-SU-2012:0411
vendor-advisory
x_refsource_SUSE
MDVSA-2011:197
vendor-advisory
x_refsource_MANDRIVA
18305
exploit
x_refsource_EXPLOIT-DB
openSUSE-SU-2012:0426
vendor-advisory
x_refsource_SUSE
SSRT100826
vendor-advisory
x_refsource_HP
48668
third-party-advisory
x_refsource_SECUNIA
RHSA-2012:0019
vendor-advisory
x_refsource_REDHAT
51193
vdb-entry
x_refsource_BID
VU#903934
third-party-advisory
x_refsource_CERT-VN
RHSA-2012:0071
vendor-advisory
x_refsource_REDHAT
SSRT100728
vendor-advisory
x_refsource_HP
SSRT100877
vendor-advisory
x_refsource_HP
HPSBUX02741
vendor-advisory
x_refsource_HP
MDVSA-2013:150
vendor-advisory
x_refsource_MANDRIVA
APPLE-SA-2012-05-09-1
vendor-advisory
x_refsource_APPLE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now