PHP versions prior to 5.3.9 compute hash values for form parameters without restricting the ability to trigger hash collisions predictably, which may allow remote attackers to cause a denial of service (DoS) (CPU consumption) by sending many crafted parameters. (CVE-2011-4885)
Impact
BIG-IPAuthenticated users accessing the Configuration utility may be able to cause a DoS (CPU consumption) by sending many requests containing crafted parameters.FirePass
Authenticated users may be able to cause a DoS (CPU consumption) by sending many requests containing crafted parameters.