Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2017-6441

Published: 03/04/2017 Updated: 11/04/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Php

Vulnerability Summary

The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows malicious users to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do not request CVEs for ordinary bugs. CVEs are relevant for security issues only.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

php php 7.1.2

Vendor Advisories

Red Hat: CVE-2017-6441
** DISPUTED ** The _zval_get_long_func_ex in Zend/zend_operatorsc in PHP 712 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do not request CVEs for ordinary ...

References

CWE-476https://github.com/php/php-src/pull/2396https://bugs.php.net/bug.php?id=74146https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2017-6441
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcodedarbitrary codeCVE-2024-2404CVE-2024-21111CVE-2024-28627CVE-2024-4073information disclosureCVE-2024-32780CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook