vendor:
PHP
by:
Unknown
5.5
CVSS
MEDIUM
Denial-of-Service
476
CWE
Product Name: PHP
Affected Version From: PHP 5.3.5
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: a:php:php:5.3.5
Platforms Tested:
Unknown
NULL-pointer dereference DoS vulnerability in PHP
The vulnerability is caused by a NULL-pointer dereference in PHP. An attacker can exploit this issue by using a proof-of-concept such as the 'grapheme_extract' function with a negative value, causing an application written in PHP to crash and deny service to legitimate users.
Mitigation:
Update to a patched version of PHP. As of now, there is no specific mitigation available for this vulnerability.