Lucene search
F5F5:K75543432HistoryNov 06, 2017 - 12:00 a.m.
K75543432 : PHP vulnerability CVE-2017-11628
2017-11-0600:00:00
my.f5.com
27
Security Advisory Description
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input (instead of the system’s php.ini file) for the parse_ini_string or parse_ini_file function, e.g., a web application for syntax validation of php.ini directives. (CVE-2017-11628)
Impact
This vulnerability allows unauthorized disclosure of information, unauthorized modification, and disruption of service.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.5.5 | |
| big-ip afm | eq | 11.5.6 | |
| big-ip afm | eq | 11.5.7 | |
| big-ip afm | eq | 11.6.1 | |
| big-ip afm | eq | 11.6.2 | |
| big-ip afm | eq | 11.6.3 |
Related
prion
prion
Stack overflow
2017-07-25 23:29:00
openvas
openvas
Debian: Security Advisory (DLA-1066-1)
2018-02-06 00:00:00
Debian: Security Advisory (DSA-4080-1)
2018-01-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2303-1)
2021-06-09 00:00:00
debian
debian
[SECURITY] [DLA 1066-1] php5 security update
2017-08-26 15:57:29
[SECURITY] [DSA 4080-1] php7.0 security update
2018-01-08 22:30:09
[SECURITY] [DSA 4081-1] php5 security update
2018-01-08 22:33:54
hackerone
hackerone
Internet Bug Bounty: PHP INI Parsing Stack Buffer Overflow Vulnerability
2017-07-12 09:21:09
nessus
nessus
Debian DLA-1066-1 : php5 security update
2017-08-28 00:00:00
F5 Networks BIG-IP : PHP vulnerability (K75543432)
2018-05-24 00:00:00
GLSA-201709-21 : PHP: Multiple vulnerabilities
2017-09-25 00:00:00
cve
cve
CVE-2017-11628
2017-07-25 23:29:00
osv
osv
php5 - security update
2017-08-26 00:00:00
CVE-2017-11628
2017-07-25 23:29:00
php5 - security update
2018-01-08 00:00:00
cvelist
cvelist
CVE-2017-11628
2017-07-25 23:00:00
ubuntucve
ubuntucve
CVE-2017-11628
2017-07-25 00:00:00
veracode
veracode
Stack-Based Buffer Overflow
2019-05-16 02:59:59
Use After Free
2019-05-16 02:59:58
debiancve
debiancve
CVE-2017-11628
2017-07-25 23:29:00
nvd
nvd
CVE-2017-11628
2017-07-25 23:29:00
redhatcve
redhatcve
CVE-2017-11628
2019-11-02 22:24:08
gentoo
gentoo
PHP: Multiple vulnerabilities
2017-09-24 00:00:00
suse
suse
Security update for php7 (important)
2017-09-04 12:07:53
Security update for php7 (important)
2017-08-30 19:30:52
ubuntu
ubuntu
PHP vulnerabilities
2017-12-18 00:00:00
PHP vulnerabilities
2017-08-10 00:00:00
redhat
redhat
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45