PHP 5.0.0 html_doc_file() Local Denial of Service

vendor:

PHP

by:

Yakir Wizman

2,6

CVSS

LOW

Denial of Service

400

CWE

Product Name: PHP

Affected Version From: 5.0.0

Affected Version To: 5.0.0

Patch Exists: YES

Related CWE: N/A

CPE: a:php:php:5.0.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2016

PHP 5.0.0 html_doc_file() Local Denial of Service

This exploit causes a denial of service in PHP 5.0.0 when the html_doc_file() function is passed a string of 9999 'A's. This exploit was tested on Windows Server 2012 R2 64bit, English, PHP 5.0.0. The bug was discovered by Yakir Wizman.

Mitigation:

Upgrade to a version of PHP that is not vulnerable to this exploit.

Source

PHP 5.0.0 html_doc_file() Local Denial of Service

Mitigation:

Exploit-DB raw data: