Published: 10/07/2017 Updated: 07/11/2023

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

In PHP prior to 5.6.30 and 7.x prior to 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php php
netapp clustered data ontap -

Synopsis Moderate: rh-php70-php security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for rh-php70-php is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerabilit ...

Several security issues were fixed in PHP ...

Tenable has released updates for SecurityCenter 532, 540, 542, 545, 550, and 551 to bring the version of PHP included with them to 5631 PHP 5631 addresses multiple vulnerabilities: CVE-2017-11142: In PHP before 5631, 7x before 7017, and 71x before 713, remote attackers could cause a CPU consumption denial of service atta ...

CWE-125 https://bugs.php.net/bug.php?id=73773 http://php.net/ChangeLog-7.php http://php.net/ChangeLog-5.php http://openwall.com/lists/oss-security/2017/07/10/6 http://www.securityfocus.com/bid/99607 https://www.tenable.com/security/tns-2017-12 https://security.netapp.com/advisory/ntap-20180112-0001/https://access.redhat.com/errata/RHSA-2018:1296 http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e5246580a85f031e1a3b8064edbaa55c1643a451 https://access.redhat.com/errata/RHSA-2018:1296 https://nvd.nist.gov https://usn.ubuntu.com/3382-1/

CVE-2017-11147

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect