CVE-2017-11143
Published: 10 July 2017
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.
Notes
| Author | Note |
|---|---|
| mdeslaur | only affected 5.6 |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
php5 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| trusty |
Released
(5.5.9+dfsg-1ubuntu4.22)
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|
|
|
Patches: upstream: http://git.php.net/?p=php-src.git;a=commit;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7 upstream: http://git.php.net/?p=php-src.git;a=commit;h=f269cdcd4f76accbecd03884f327cffb9a7f1ca9 |
||
|
php7.0 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(5.6 only)
|
|
| yakkety |
Ignored
(end of life)
|
|
| zesty |
Not vulnerable
(5.6 only)
|
|
|
php7.1 Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(5.6 only)
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
| yakkety |
Does not exist
|
|
| zesty |
Does not exist
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.5 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |