CVE-2017-5340
php: Use of uninitialized memory in unserialize()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data.
Zend/zend_hash.c en PHP en versiones anteriores a 7.0.15 y 7.1.x en versiones anteriores a 7.1.1 no maneja adecuadamente ciertos casos que requieren asignaciones de array grandes, lo que permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de enteros, acceso a memoria no inicializada y uso de punteros de la función de destructor arbitrarios) a través de datos serializados manipulados.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-01-11 CVE Reserved
- 2017-01-11 CVE Published
- 2023-07-08 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-190: Integer Overflow or Wraparound
- CWE-456: Missing Initialization of a Variable
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/95371 | Third Party Advisory | |
http://www.securitytracker.com/id/1037659 | Third Party Advisory | |
https://security.netapp.com/advisory/ntap-20180112-0001 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://bugs.php.net/bug.php?id=73832 | 2024-08-05 |
URL | Date | SRC |
---|---|---|
https://github.com/php/php-src/commit/4cc0286f2f3780abc6084bcdae5dce595daa3c12 | 2022-07-20 |
URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:1296 | 2022-07-20 | |
https://access.redhat.com/security/cve/CVE-2017-5340 | 2018-05-03 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1412631 | 2018-05-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 7.0.0 < 7.0.15 Search vendor "Php" for product "Php" and version " >= 7.0.0 < 7.0.15" | - |
Affected
| ||||||
Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 7.1.0 < 7.1.1 Search vendor "Php" for product "Php" and version " >= 7.1.0 < 7.1.1" | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Clustered Data Ontap Search vendor "Netapp" for product "Clustered Data Ontap" | - | - |
Affected
|