6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.882 High
EPSS
Percentile
98.6%
Issue Overview:
It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000. (CVE-2011-4885)
An integer overflow flaw was found in the PHP exif extension. On 32-bit systems, a specially-crafted image file could cause the PHP interpreter to crash or disclose portions of its memory when a PHP script tries to extract Exchangeable image file format (Exif) metadata from the image file. (CVE-2011-4566)
Affected Packages:
php
Issue Correction:
Run yum update php to update your system.
New Packages:
i686:
php-dba-5.3.9-1.9.amzn1.i686
php-odbc-5.3.9-1.9.amzn1.i686
php-embedded-5.3.9-1.9.amzn1.i686
php-mbstring-5.3.9-1.9.amzn1.i686
php-pgsql-5.3.9-1.9.amzn1.i686
php-common-5.3.9-1.9.amzn1.i686
php-debuginfo-5.3.9-1.9.amzn1.i686
php-ldap-5.3.9-1.9.amzn1.i686
php-cli-5.3.9-1.9.amzn1.i686
php-fpm-5.3.9-1.9.amzn1.i686
php-5.3.9-1.9.amzn1.i686
php-imap-5.3.9-1.9.amzn1.i686
php-bcmath-5.3.9-1.9.amzn1.i686
php-soap-5.3.9-1.9.amzn1.i686
php-devel-5.3.9-1.9.amzn1.i686
php-xml-5.3.9-1.9.amzn1.i686
php-pdo-5.3.9-1.9.amzn1.i686
php-mcrypt-5.3.9-1.9.amzn1.i686
php-mysqlnd-5.3.9-1.9.amzn1.i686
php-snmp-5.3.9-1.9.amzn1.i686
php-mysql-5.3.9-1.9.amzn1.i686
php-process-5.3.9-1.9.amzn1.i686
php-tidy-5.3.9-1.9.amzn1.i686
php-intl-5.3.9-1.9.amzn1.i686
php-gd-5.3.9-1.9.amzn1.i686
php-pspell-5.3.9-1.9.amzn1.i686
php-mssql-5.3.9-1.9.amzn1.i686
php-xmlrpc-5.3.9-1.9.amzn1.i686
src:
php-5.3.9-1.9.amzn1.src
x86_64:
php-embedded-5.3.9-1.9.amzn1.x86_64
php-xml-5.3.9-1.9.amzn1.x86_64
php-intl-5.3.9-1.9.amzn1.x86_64
php-soap-5.3.9-1.9.amzn1.x86_64
php-ldap-5.3.9-1.9.amzn1.x86_64
php-mcrypt-5.3.9-1.9.amzn1.x86_64
php-debuginfo-5.3.9-1.9.amzn1.x86_64
php-pgsql-5.3.9-1.9.amzn1.x86_64
php-mysqlnd-5.3.9-1.9.amzn1.x86_64
php-odbc-5.3.9-1.9.amzn1.x86_64
php-mbstring-5.3.9-1.9.amzn1.x86_64
php-pspell-5.3.9-1.9.amzn1.x86_64
php-pdo-5.3.9-1.9.amzn1.x86_64
php-tidy-5.3.9-1.9.amzn1.x86_64
php-dba-5.3.9-1.9.amzn1.x86_64
php-gd-5.3.9-1.9.amzn1.x86_64
php-fpm-5.3.9-1.9.amzn1.x86_64
php-cli-5.3.9-1.9.amzn1.x86_64
php-devel-5.3.9-1.9.amzn1.x86_64
php-mysql-5.3.9-1.9.amzn1.x86_64
php-mssql-5.3.9-1.9.amzn1.x86_64
php-xmlrpc-5.3.9-1.9.amzn1.x86_64
php-process-5.3.9-1.9.amzn1.x86_64
php-bcmath-5.3.9-1.9.amzn1.x86_64
php-snmp-5.3.9-1.9.amzn1.x86_64
php-common-5.3.9-1.9.amzn1.x86_64
php-5.3.9-1.9.amzn1.x86_64
php-imap-5.3.9-1.9.amzn1.x86_64
Red Hat: CVE-2011-4566, CVE-2011-4885
Mitre: CVE-2011-4566, CVE-2011-4885
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | php-dba | < 5.3.9-1.9.amzn1 | php-dba-5.3.9-1.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-odbc | < 5.3.9-1.9.amzn1 | php-odbc-5.3.9-1.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-embedded | < 5.3.9-1.9.amzn1 | php-embedded-5.3.9-1.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-mbstring | < 5.3.9-1.9.amzn1 | php-mbstring-5.3.9-1.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-pgsql | < 5.3.9-1.9.amzn1 | php-pgsql-5.3.9-1.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-common | < 5.3.9-1.9.amzn1 | php-common-5.3.9-1.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-debuginfo | < 5.3.9-1.9.amzn1 | php-debuginfo-5.3.9-1.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-ldap | < 5.3.9-1.9.amzn1 | php-ldap-5.3.9-1.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-cli | < 5.3.9-1.9.amzn1 | php-cli-5.3.9-1.9.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | php-fpm | < 5.3.9-1.9.amzn1 | php-fpm-5.3.9-1.9.amzn1.i686.rpm |