Vulnerability identifier: #VU44297
Vulnerability risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
PHP
Universal components / Libraries /
Scripting languages
Vendor: PHP Group
Description
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.
Mitigation
Install update from vendor's website.
Vulnerable software versions
PHP: 5.0.0 - 5.0.5, 5.1.1 - 5.1.6, 5.2.0 - 5.2.17, 5.3.0 - 5.3.7
External links
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html
http://secunia.com/advisories/48668
http://www.php.net/ChangeLog-5.php#5.3.9
http://bugs.php.net/bug.php?id=55776
http://bugzilla.redhat.com/show_bug.cgi?id=783605
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.