Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_98862
HistoryJan 09, 2019 - 12:00 a.m.

PHP 7.1.x < 7.1.5 Multiple Vulnerabilities

2019-01-0900:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5
JSON

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.5. It is, therefore, affected by the following vulnerabilities :

  • A memory allocation issue exists in the zend_string_extend() function in file Zend/zend_string.h when concatenating strings due to a failure to prevent changes to string objects that result in a negative length. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or possibly other unspecified impact. (CVE-2017-8923)

  • A memory allocation issue exists in the i_zval_ptr_dtor() function in Zend/zend_variables.h when allocating large amounts of memory. An unauthenticated, remote attacker can exploit this, via crafted operations on array data structures, to cause a denial of service condition. (CVE-2017-9119)

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

No source data
VendorProductVersionCPE
phpphp*cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Related

nessus 16
openvas 17
veracode 2
debiancve 2
prion 2
cve 2
osv 4
ubuntucve 2
suse 4
cbl_mariner 1
redhatcve 2
ubuntu 3
rosalinux 1
nessus
nessus
PHP 7.0.x < 7.0.19 Multiple Vulnerabilities
2019-01-09 00:00:00
PHP 7.0.x < 7.0.19 Multiple Vulnerabilities
2017-05-25 00:00:00
PHP 7.1.x < 7.1.5 Multiple Vulnerabilities
2017-05-25 00:00:00
openvas
openvas
PHP <= 7.1.5 Multiple DoS Vulnerabilities
2021-11-26 00:00:00
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2022-2477)
2022-10-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0699-1)
2022-03-04 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-03-08 17:03:01
Denial Of Service (DoS)
2022-03-08 17:02:50
debiancve
debiancve
CVE-2017-9119
2017-05-21 19:29:00
CVE-2017-8923
2017-05-12 20:29:00
prion
prion
Design/Logic Flaw
2017-05-21 19:29:00
Design/Logic Flaw
2017-05-12 20:29:00
cve
cve
CVE-2017-9119
2017-05-21 19:29:00
CVE-2017-8923
2017-05-12 20:29:00
osv
osv
CVE-2017-9119
2017-05-21 19:29:00
CVE-2017-8923
2017-05-12 20:29:00
php7.2, php7.4 vulnerabilities
2022-03-03 13:58:39
ubuntucve
ubuntucve
CVE-2017-9119
2017-05-21 00:00:00
CVE-2017-8923
2017-05-12 00:00:00
suse
suse
Security update for php7 (moderate)
2022-03-04 00:00:00
Security update for php7 (moderate)
2022-03-02 00:00:00
Security update for nodejs8 (important)
2022-03-04 00:00:00
cbl_mariner
cbl_mariner
CVE-2017-8923 affecting package php 7.4.14-3
2024-04-23 09:06:27
redhatcve
redhatcve
CVE-2017-9119
2017-05-30 10:20:59
CVE-2017-8923
2017-05-17 15:10:25
ubuntu
ubuntu
PHP vulnerabilities
2022-03-07 00:00:00
PHP vulnerabilities
2022-02-22 00:00:00
PHP vulnerabilities
2022-03-03 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
JSON
Related for WEB_APPLICATION_SCANNING_98862
nessus16openvas17veracode2debiancve2prion2cve2osv4ubuntucve2suse4cbl_mariner1redhatcve2ubuntu3rosalinux1