KLA10943
Denial of service vulnerability in PHP
Updated: 06/17/2019
Detect date
?
01/11/2017
Severity
?
Warning
Description

An infinite loop vulnerability was found in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed object in serialized data.


Technical details

Vulnerability was found in Zend/zend_exceptions.c.

Vulnerability is related to CVE-2015-8876.

Affected products

PHP 5.x before 5.6.28
PHP 7.x before 7.0.13

Solution

Update to the latest versions
Download PHP

Original advisories

PHP Bug Tracking System

Impacts
?
DoS 
[?]
Related products
PHP
CVE-IDS
?
CVE-2016-74785.0Critical