Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2017-11628 - Vulnerability Database
PHP

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2017-11628

High
Reference: CVE-2017-11628
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-11628
Title: PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Overview:

In PHP before 5.6.31 7.x before 7.0.21 and 7.1.x before 7.1.7 a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input (instead of the system39s php.ini file) for the parse_ini_string or parse_ini_file function e.g. a web application for syntax validation of php.ini directives.