Lucene search

Veracode Vulnerability DatabaseVERACODE:23598

HistoryApr 10, 2020 - 12:31 a.m.

Denial Of Service (DoS)

2020-04-1000:31:24

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.096

Percentile

94.8%

JSON

php is vulnerable to denial of service. A flaw was found in PHP’s json_decode function. A remote attacker could use this flaw to create a specially-crafted string which could cause the PHP interpreter to crash while being decoded in a PHP script.

References

cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.c?r1=1.1.2.14&r2=1.1.2.15

lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

secunia.com/advisories/34770

secunia.com/advisories/34830

secunia.com/advisories/34933

secunia.com/advisories/35003

secunia.com/advisories/35007

secunia.com/advisories/35306

secunia.com/advisories/35685

secunia.com/advisories/36701

support.apple.com/kb/HT3865

www.debian.org/security/2009/dsa-1775

www.debian.org/security/2009/dsa-1789

www.mandriva.com/security/advisories?name=MDVSA-2009:090

www.openwall.com/lists/oss-security/2009/04/01/9

www.php.net/releases/5_2_9.php

www.redhat.com/security/updates/classification/#moderate

www.redhat.com/support/errata/RHSA-2009-0350.html

www.ubuntu.com/usn/USN-761-2

access.redhat.com/errata/RHSA-2009:0350

usn.ubuntu.com/761-1/

www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html

www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html

EPSS

0.096

Percentile

94.8%

JSON

Related for VERACODE:23598