Computer Security
[EN] securityvulns.ru no-pyccku


PHP security vulnerabilities
updated since 19.12.2011
Published:08.02.2012
Source:
SecurityVulns ID:12097
Type:library
Threat Level:
6/10
Description:Reading outside allocated memory on JPEG exif headers parsing. CPU exhaustion because of predictable hash collisions for form data.
Affected:PHP : PHP 5.3
 PHP : PHP 5.4
CVE:CVE-2012-0830 (The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.)
 CVE-2011-4885 (PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.)
 CVE-2011-4566 (Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708.)
Original documentdocumentsecurity_(at)_nruns.com, n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table (02.01.2012)
 documentAndrea Barisani, [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision (02.01.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod