KLA10930
Denial of service vulnerability in PHP
Обновлено: 17/06/2019
Дата обнаружения
04/01/2017
Уровень угрозы
Critical
Описание

An unspecified vulnerability was found in PHP before 5.6.29 and 7.x before 7.0.14. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via an empty boolean element in a wddxPacket XML document.


Technical details

This vulnerability occurs in the php_wddx_push_element function in ext/wddx/wddx.c.

Пораженные продукты

PHP before 5.6.29
PHP 7.x before 7.0.14

Решение

Update to the latest version
Download PHP

Первичный источник обнаружения
PHP 7 ChangeLog
PHP 5 ChangeLog
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
PHP
CVE-IDS
CVE-2016-99357.5Critical