CVE-2017-6441 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do not request CVEs for ordinary bugs. CVEs are relevant for security issues only.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Php	Php	7.1.2

Related Weaknesses (CWE)

CWE-476

References

https://bugs.php.net/bug.php?id=74146Issue Tracking
https://github.com/php/php-src/pull/2396Patch
https://bugs.php.net/bug.php?id=74146Issue Tracking
https://github.com/php/php-src/pull/2396Patch

FAQ

What is CVE-2017-6441?

CVE-2017-6441 is a vulnerability with a CVSS score of 7.5 (HIGH). The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a...

How severe is CVE-2017-6441?

CVE-2017-6441 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-6441?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php.