Multiple vulnerabilities in PHP



Published: 2017-10-27
Risk Low
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2017-11145
CVE-2017-16642
CWE-ID CWE-125
CWE-476
CWE-835
CWE-119
Exploitation vector Network
Public exploit Public exploit code for vulnerability #4 is available.
Vulnerable software
Subscribe 		PHP
Universal components / Libraries / Scripting languages

Vendor PHP Group

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU8965

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2017-11145

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to out-of-bounds read in timelib_meridian(). A remote attacker can read arbitrary data on the target system.

Mitigation

Update to version 5.6.32.

Vulnerable software versions

PHP: 5.6.0 - 5.6.31, 5.5.0 - 5.5.38, 5.4.0 - 5.4.44, 5.1 - 5.1.6, 5.3.0 - 5.3.27, 5.2.0 - 5.2.17, 5.0 - 5.0.5

CPE2.3 External links

http://php.net/ChangeLog-5.php#5.6.32

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Null pointer dereference

EUVDB-ID: #VU8966

Risk: Low

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to null pointer dereference in zend_mm_alloc_small(). A remote attacker can cause the application to crash.

Mitigation

Update to version 7.0.25 or 7.1.11.

Vulnerable software versions

PHP: 7.0.0 - 7.0.24, 7.1.0 - 7.1.10

CPE2.3 External links

http://php.net/ChangeLog-7.php#7.0.25
http://php.net/ChangeLog-7.php#7.1.11

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Infinite loop

EUVDB-ID: #VU8967

Risk: Low

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to infinite loop when printing an error-message. A remote attacker can cause the application to crash.

Mitigation

Update to version 7.0.25 or 7.1.11.

Vulnerable software versions

PHP: 7.0.0 - 7.0.24, 7.1.0 - 7.1.10

CPE2.3 External links

http://php.net/ChangeLog-7.php#7.0.25
http://php.net/ChangeLog-7.php#7.1.11

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Out-of-bounds read

EUVDB-ID: #VU8968

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2017-16642

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to out-of-bounds read in timelib_meridian(). A remote attacker can cause the application to crash.

Mitigation

Update to version 7.0.25 or 7.1.11.

Vulnerable software versions

PHP: 7.0.0 - 7.0.24, 7.1.0 - 7.1.10

CPE2.3 External links

http://bugs.php.net/bug.php?id=75055

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Denial of service

EUVDB-ID: #VU8969

Risk: Low

CVSSv3.1:

CVE-ID: N/A

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to data corruption when reading fields of bit type. A remote attacker can cause the application to crash.

Mitigation

Update to version 7.1.11.

Vulnerable software versions

PHP: 7.1.0 - 7.1.10

CPE2.3 External links

http://php.net/ChangeLog-7.php#7.1.11

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###