Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24424
HistoryApr 10, 2020 - 12:53 a.m.

Denial Of Service (DoS)

2020-04-1000:53:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
24
php
denial of service
vulnerability
null pointer
xml-rpc
crash
interpreter
xml-rpc request
software

EPSS

0.023

Percentile

89.8%

php is vulnerable to denial of service (DoS). The vulnerability exists as a NULL pointer dereference flaw was discovered in the PHP XML-RPC extension. A malicious XML-RPC client or server could use this flaw to crash the PHP interpreter via a specially-crafted XML-RPC request.

Affected configurations

Vulners
Node
phpphpMatch5.1.6_11.el5
OR
phpphpMatch5.1.6_7.el5
OR
phpphpMatch5.1.6_20.el5_2.1
OR
phpphpMatch5.1.6_12.el5
OR
phpphpMatch5.1.6_20.el5
OR
phpphpMatch5.1.6_23.2.el5_3
OR
phpphpMatch5.1.6_24.el5_4.5
OR
phpphpMatch5.1.6_15.el5
OR
phpphpMatch5.1.6_23.el5
OR
phpphpMatch5.1.6_5.el5
OR
phpphpMatch5.1.6_11.el5
OR
phpphpMatch5.1.6_7.el5
OR
phpphpMatch5.1.6_20.el5_2.1
OR
phpphpMatch5.1.6_12.el5
OR
phpphpMatch5.1.6_20.el5
OR
phpphpMatch5.1.6_23.2.el5_3
OR
phpphpMatch5.1.6_24.el5_4.5
OR
phpphpMatch5.1.6_15.el5
OR
phpphpMatch5.1.6_23.el5
OR
phpphpMatch5.1.6_5.el5
VendorProductVersionCPE
phpphp5.1.6_11.el5cpe:2.3:a:php:php:5.1.6_11.el5:*:*:*:*:*:*:*
phpphp5.1.6_7.el5cpe:2.3:a:php:php:5.1.6_7.el5:*:*:*:*:*:*:*
phpphp5.1.6_20.el5_2.1cpe:2.3:a:php:php:5.1.6_20.el5_2.1:*:*:*:*:*:*:*
phpphp5.1.6_12.el5cpe:2.3:a:php:php:5.1.6_12.el5:*:*:*:*:*:*:*
phpphp5.1.6_20.el5cpe:2.3:a:php:php:5.1.6_20.el5:*:*:*:*:*:*:*
phpphp5.1.6_23.2.el5_3cpe:2.3:a:php:php:5.1.6_23.2.el5_3:*:*:*:*:*:*:*
phpphp5.1.6_24.el5_4.5cpe:2.3:a:php:php:5.1.6_24.el5_4.5:*:*:*:*:*:*:*
phpphp5.1.6_15.el5cpe:2.3:a:php:php:5.1.6_15.el5:*:*:*:*:*:*:*
phpphp5.1.6_23.el5cpe:2.3:a:php:php:5.1.6_23.el5:*:*:*:*:*:*:*
phpphp5.1.6_5.el5cpe:2.3:a:php:php:5.1.6_5.el5:*:*:*:*:*:*:*

References