Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2017-11362HistoryJul 17, 2017 - 1:18 p.m.
CVE-2017-11362
2017-07-1713:18:00
Debian Security Bug Tracker
security-tracker.debian.org
12
0.01 Low
EPSS
Percentile
83.7%
In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact within International Components for Unicode (ICU) for C/C++ via a long first argument to the msgfmt_parse_message function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | php7.0 | < 7.0.33-0+deb9u8 | php7.0_7.0.33-0+deb9u8_all.deb |
Related
osv
osv
CVE-2017-11362
2017-07-17 13:18:00
cvelist
cvelist
CVE-2017-11362
2017-07-17 06:00:00
prion
prion
Stack overflow
2017-07-17 13:18:00
veracode
veracode
Denial Of Service (DoS)
2019-05-16 02:59:59
Use After Free
2019-05-16 02:59:58
nvd
nvd
CVE-2017-11362
2017-07-17 13:18:21
redhatcve
redhatcve
CVE-2017-11362
2017-07-26 14:19:45
cve
cve
CVE-2017-11362
2017-07-17 13:18:21
ubuntucve
ubuntucve
CVE-2017-11362
2017-07-17 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3566-2)
2022-08-26 00:00:00
nessus
nessus
GLSA-201709-21 : PHP: Multiple vulnerabilities
2017-09-25 00:00:00
Ubuntu 14.04 LTS : PHP vulnerabilities (USN-3566-2)
2019-05-23 00:00:00
PHP 7.1.x < 7.1.7 Multiple Vulnerabilities
2017-07-13 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2017-09-24 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2019-05-22 00:00:00
PHP vulnerabilities
2017-08-10 00:00:00
redhat
redhat