Lucene search

K
f5F5F5:K13588
HistorySep 11, 2013 - 12:00 a.m.

K13588 : PHP vulnerability CVE-2011-4885

2013-09-1100:00:00
my.f5.com
53

AI Score

6.4

Confidence

Low

EPSS

0.875

Percentile

98.7%

Security Advisory Description

PHP versions prior to 5.3.9 compute hash values for form parameters without restricting the ability to trigger hash collisions predictably, which may allow remote attackers to cause a denial of service (DoS) (CPU consumption) by sending many crafted parameters. (CVE-2011-4885)
Impact
BIG-IPAuthenticated users accessing the Configuration utility may be able to cause a DoS (CPU consumption) by sending many requests containing crafted parameters.FirePass
Authenticated users may be able to cause a DoS (CPU consumption) by sending many requests containing crafted parameters.