Lucene search

Veracode Vulnerability DatabaseVERACODE:24746

HistoryApr 10, 2020 - 1:03 a.m.

Denial Of Service (DoS)

2020-04-1001:03:24

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.13 Low

EPSS

Percentile

95.6%

JSON

php is vulnerable to denial of service (DoS). The vulnerability exists as multiple memory leak flaws were found in the PHP OpenSSL extension. A remote attacker able to make a PHP script use openssl_encrypt() or openssl_decrypt() repeatedly could cause the PHP interpreter to use an excessive amount of memory.

CPENameOperatorVersion
phpeq5.3.2__6.el6
phpeq5.3.2__6.el6_0.1
phpeq5.3.2__6.el6
phpeq5.3.2__6.el6_0.1

Name	Operator	Version
php	eq	5.3.2__6.el6
php	eq	5.3.2__6.el6_0.1
php	eq	5.3.2__6.el6
php	eq	5.3.2__6.el6_0.1

References

bugs.php.net/bug.php?id=54060

bugs.php.net/bug.php?id=54061

lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

support.apple.com/kb/HT5002

www.mandriva.com/security/advisories?name=MDVSA-2011:053

www.php.net/ChangeLog-5.php

www.php.net/security/crypt_blowfish.php

www.redhat.com/support/errata/RHSA-2011-1423.html

www.securityfocus.com/bid/46977

www.vupen.com/english/advisories/2011/0744

access.redhat.com/errata/RHSA-2011:1423

access.redhat.com/security/updates/classification/#moderate

0.13 Low

EPSS

Percentile

95.6%

JSON

Related for VERACODE:24746