Added max_input_vars directive to prevent attacks
based on hash collisions. (CVE-2011-4885)
Fixed bug #60150 (Integer overflow during the parsing
of invalid exif header). (CVE-2011-4566)

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphp5< 5.3.9UNKNOWN
FreeBSDanynoarchphp5-exif< 5.3.9UNKNOWN
FreeBSDanynoarchphp52< 5.2.17_5UNKNOWN
FreeBSDanynoarchphp52-exif< 5.2.17_6UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	php5	< 5.3.9	UNKNOWN
FreeBSD	any	noarch	php5-exif	< 5.3.9	UNKNOWN
FreeBSD	any	noarch	php52	< 5.2.17_5	UNKNOWN
FreeBSD	any	noarch	php52-exif	< 5.2.17_6	UNKNOWN

References

www.nruns.com/_downloads/advisory28122011.pdf

nessus 46

openvas 80

fedora 12

centos 5

amazon 2

oraclelinux 3

redhat 5

securityvulns 4

debian 2

seebug 6

osv 1

checkpoint_advisories 3

packetstorm 2

prion 3

veracode 3

ubuntu 3

f5 4

exploitpack 2

cve 3

ubuntucve 3

exploitdb 2

suse 3

cert 1

gentoo 1

nessus

CentOS 5 / 6 : php / php53 (CESA-2012:0019)

2012-01-12 00:00:00

Scientific Linux Security Update : php53 and php on SL5.x, SL6.x i386/x86_64 (20120111)

2012-08-01 00:00:00

Oracle Linux 5 / 6 : php / php53 (ELSA-2012-0019)

2013-07-12 00:00:00

openvas

Amazon Linux: Security Advisory (ALAS-2012-37)

2015-09-08 00:00:00

Fedora Update for maniadrive FEDORA-2012-0504

2012-04-02 00:00:00

Fedora Update for php-eaccelerator FEDORA-2012-0420

2012-02-01 00:00:00

fedora

[SECURITY] Fedora 16 Update: php-eaccelerator-0.9.6.1-9.fc16.1

2012-01-19 22:00:25

[SECURITY] Fedora 16 Update: maniadrive-1.2-32.fc16.1

2012-01-19 22:00:25

[SECURITY] Fedora 16 Update: php-5.3.9-1.fc16

2012-01-19 22:00:25

centos

php, php53 security update

2012-01-11 19:19:36

php security update

2012-01-30 20:44:11

php security update

2012-01-18 19:55:58

amazon

Medium: php

2012-01-19 20:10:00

Critical: php

2012-02-02 16:10:00

oraclelinux

php53 and php security update

2012-01-11 00:00:00

php security update

2012-01-30 00:00:00

php security update

2012-01-18 00:00:00

redhat

(RHSA-2012:0019) Moderate: php53 and php security update

2012-01-11 00:00:00

(RHSA-2012:0071) Moderate: php security update

2012-01-30 00:00:00

(RHSA-2012:0033) Moderate: php security update

2012-01-18 00:00:00

securityvulns

PHP security vulnerabilities

2012-02-08 00:00:00

[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision

2012-01-02 00:00:00

[ MDVSA-2012:065 ] php

2012-05-01 00:00:00

debian

[SECURITY] [DSA 2399-2] php5 regression fix

2012-01-31 15:26:47

[SECURITY] [DSA 2399-1] php5 security update

2012-01-31 07:22:58

seebug

PHP "exif_process_IFD_TAG()"远程整数溢出漏洞

2011-12-07 00:00:00

PHP Hashtables Denial of Service

2014-07-01 00:00:00

PHP Web表单哈希冲突拒绝服务漏洞

2012-01-01 00:00:00

osv

php5 - several

2012-01-31 00:00:00

checkpoint_advisories

PHP5 Hash Collision Denial Of Service - Ver2 (CVE-2011-4885)

2014-03-03 00:00:00

PHP Exif Header Parsing Integer Overflow (CVE-2011-4566)

2012-08-27 00:00:00

PHP Exif Header Parsing Integer Overflow - Ver2 (CVE-2011-4566)

2015-03-26 00:00:00

packetstorm

PHP 5.3.x Hashtables Proof Of Concept

2012-01-01 00:00:00

PHP 5.3.x Hash Collision Proof Of Concept Code

2012-01-02 00:00:00

prion

Code injection

2011-12-30 01:55:00

Design/Logic Flaw

2012-02-06 20:55:00

Integer overflow

2011-11-29 00:55:00

veracode

Denial Of Service (DoS)

2020-04-10 01:06:05

Denial Of Service (DoS)

2020-04-10 01:06:05

Remote Code Execution (RCE)

2020-04-10 01:10:12

ubuntu

PHP vulnerability

2011-12-14 00:00:00

PHP regression

2012-02-13 00:00:00

PHP vulnerabilities

2012-02-10 00:00:00

K13588 : PHP vulnerability CVE-2011-4885

2013-09-11 00:00:00

SOL13588 - PHP vulnerability CVE-2011-4885

2012-05-17 00:00:00

K13519 : Multiple PHP vulnerabilities

2013-09-20 00:00:00

exploitpack

PHP 5.3.8 - Hashtables Denial of Service

2012-01-01 00:00:00

PHP Hash Table Collision - Denial of Service (PoC)

2012-01-03 00:00:00

cve

CVE-2011-4885

2011-12-30 01:55:00

CVE-2012-0830

2012-02-06 20:55:00

CVE-2011-4566

2011-11-29 00:55:00

ubuntucve

CVE-2011-4885

2011-12-29 00:00:00

CVE-2012-0830

2012-02-06 00:00:00

CVE-2011-4566

2011-11-28 00:00:00

exploitdb

PHP 5.3.8 - Hashtables Denial of Service

2012-01-01 00:00:00

PHP Hash Table Collision - Denial of Service (PoC)

2012-01-03 00:00:00

suse

update for php5 (important)

2012-03-29 15:08:14

Security update for PHP5 (important)

2012-04-12 23:08:15

Security update for PHP5 (important)

2012-03-24 03:08:28

cert

Hash table implementations vulnerable to algorithmic complexity attacks

2011-12-28 00:00:00

gentoo

PHP: Multiple vulnerabilities

2012-09-24 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.882 High

EPSS

Percentile

98.6%

JSON

Related for D3921810-3C80-11E1-97E8-00215C6A37BB