Lucene search
F5F5:K82907233HistoryMar 08, 2017 - 12:00 a.m.
K82907233 : PHP vulnerability CVE-2017-5340
2017-03-0800:00:00
my.f5.com
66
Security Advisory Description
Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. (CVE-2017-5340)
Impact
There is no impact; F5 products are not affected by this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 | |
| big-ip afm | eq | 12.0.0 |
Related
cvelist
cvelist
CVE-2017-5340
2017-01-11 06:02:00
hackerone
hackerone
Internet Bug Bounty: Use of uninitialized memory in unserialize()
2017-01-05 11:24:39
ubuntucve
ubuntucve
CVE-2017-5340
2017-01-11 00:00:00
cve
cve
CVE-2017-5340
2017-01-11 06:59:00
nvd
nvd
CVE-2017-5340
2017-01-11 06:59:00
redhatcve
redhatcve
CVE-2017-5340
2017-01-12 14:17:41
veracode
veracode
Remote Code Execution (RCE)
2019-05-16 02:59:59
Use After Free
2019-05-16 02:59:58
seebug
seebug
PHP Use of uninitialized memory in unserialize() (CVE-2017-5340)
2017-01-12 00:00:00
debiancve
debiancve
CVE-2017-5340
2017-01-11 06:59:00
prion
prion
Integer overflow
2017-01-11 06:59:00
checkpoint_advisories
checkpoint_advisories
PHP zend_hash_destroy Uninitialized Pointer Code Execution (CVE-2017-5340)
2017-02-26 00:00:00
osv
osv
CVE-2017-5340
2017-01-11 06:59:00
attackerkb
attackerkb
CVE-2020-14932
2020-06-20 00:00:00
CVE-2020-14933
2020-06-20 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3211-2)
2017-03-03 00:00:00
archlinux
archlinux
[ASA-201701-28] php: multiple issues
2017-01-19 00:00:00
nessus
nessus
PHP 7.1.x < 7.1.1 Multiple Vulnerabilities
2019-01-09 00:00:00
PHP 7.0.x < 7.0.15 Multiple Vulnerabilities
2019-01-09 00:00:00
PHP 7.1.x < 7.1.1 Multiple Vulnerabilities
2017-01-26 00:00:00
amazon
amazon
Medium: php70
2017-03-29 20:15:00
ubuntu
ubuntu
PHP regression
2017-03-02 00:00:00
PHP vulnerabilities
2017-02-23 00:00:00
suse
suse
Security update for php7 (important)
2017-03-02 15:12:04
Security update for php7 (important)
2017-02-22 15:08:24
redhat
redhat