CVE-2017-11142

Published: Jul 10, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/php/php-src/commit/0f8cf3b8497dc45c010c44ed9e96518e11e19fc3

x_refsource_CONFIRM

http://openwall.com/lists/oss-security/2017/07/10/6

x_refsource_CONFIRM

https://www.tenable.com/security/tns-2017-12

x_refsource_CONFIRM

https://bugs.php.net/bug.php?id=73807

x_refsource_CONFIRM

https://github.com/php/php-src/commit/a15bffd105ac28fd0dd9b596632dbf035238fda3

x_refsource_CONFIRM

http://php.net/ChangeLog-5.php

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20180112-0001/

x_refsource_CONFIRM

99601

vdb-entry

x_refsource_BID

DSA-4081

vendor-advisory

x_refsource_DEBIAN

http://php.net/ChangeLog-7.php

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-11142

Description

Affected Products

References