PHP 3/4/5 ZendEngine Variable Destruction Remote Denial of Service Vulnerability

ID SSV:83180
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


PHP is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input.

An attacker who can run PHP code on a vulnerable computer may exploit this vulnerability to crash PHP and the webserver, denying service to legitimate users.

This issue affects all versions of PHP. 

$ php -r 'echo "a".str_repeat("[]",200000)."=1&a=0";' > postdata

$ curl -d @postdata