KLA10930
Denial of service vulnerability in PHP
Updated: 06/01/2019
Detect date
?
01/04/2017
Severity
?
Critical
Description

An unspecified vulnerability was found in PHP before 5.6.29 and 7.x before 7.0.14. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via an empty boolean element in a wddxPacket XML document.


Technical details

This vulnerability occurs in the php_wddx_push_element function in ext/wddx/wddx.c.

Affected products

PHP before 5.6.29
PHP 7.x before 7.0.14

Solution

Update to the latest version
Download PHP

Original advisories

PHP 7 ChangeLog
PHP 5 ChangeLog

Impacts
?
DoS 
[?]
Related products
PHP
CVE-IDS
?
CVE-2016-99357.5Critical