Back to search

OS X update for PHP (CVE-2011-4885)

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	December 28, 2011	July 15, 2012	February 12, 2015

Available Exploits

Hashtable Collisions

Description

PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

Download now

References

APPLE-APPLE-SA-2012-05-09-1
BID-51193
CERT-VN-903934
CVE-2011-4885
DEBIAN-DSA-2399
REDHAT-RHSA-2012:0019
REDHAT-RHSA-2012:0071
URL: http://support.apple.com/kb/HT5281
XF-72021

Solution

apple-osx-security-update-2012-002

Related Vulnerabilities

CESA-2012:0019: php53 and php security update
SUSE Linux Security Advisory: SUSE-SU-2013:1351-1
Amazon Linux AMI: Security patch for php (ALAS-2012-37) (multiple CVEs)
ELSA-2012-0019 Moderate: Oracle Linux php53 and php security update
SUSE Linux Security Vulnerability: CVE-2011-4885
PHP Vulnerability: CVE-2011-4885
RHSA-2012:0033: php security update
ELSA-2012-0071 Moderate: Oracle Linux php security update
SUSE Linux Security Advisory: SUSE-SU-2012:0496-1
CESA-2012:0071: php security update
DSA-2399-2 php5 -- several vulnerabilities
OS X update for Login Window (CVE-2011-4885)
HP System Management Homepage - HPSBMU02786 (CVE-2011-4885): Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code
ELSA-2012-0033 Moderate: Oracle Linux php security update
RHSA-2012:0019: php53 and php security update
CESA-2012:0033: php security update
ELSA-2012-1046 Moderate: Oracle Linux php security update
USN-1358-1: PHP vulnerabilities
RHSA-2012:0071: php security update
FreeBSD: php -- multiple vulnerabilities (Multiple CVEs)

THREAT EXPOSURE MANAGEMENT

INCIDENT DETECTION & RESPONSE

CYBER SECURITY SERVICES

MANAGED SERVICES FOR PRODUCTS

TRAINING & CERTIFICATION

Community & Blog

Retail Store

Reviews

Free Downloads

Videos & Media

Papers / Guides

All resources

Company

Buzz

Engage with us

Customers