OS X update for PHP (CVE-2011-4885)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | December 28, 2011 | July 15, 2012 | April 04, 2017 |
Available Exploits 
Description
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
References
Solution
apple-osx-upgrade-10_7_4Related Vulnerabilities
- Amazon Linux AMI: Security patch for php (ALAS-2012-37) (multiple CVEs)
- ELSA-2012-0019 Moderate: Oracle Linux php53 and php security update
- SUSE Linux Security Vulnerability: CVE-2011-4885
- PHP Vulnerability: CVE-2011-4885
- F5 Networks: K13588 (Multiple Advisories) (CVE-2011-4885): PHP vulnerability CVE-2011-4885
- RHSA-2012:0033: php security update
- ELSA-2012-0071 Moderate: Oracle Linux php security update
- DSA-2399-2 php5 -- several vulnerabilities
- OS X update for Login Window (CVE-2011-4885)
- HP System Management Homepage - HPSBMU02786 (CVE-2011-4885): Linux, Windows, and VMware ESX, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code
- Cent OS: CVE-2011-4885: CESA-2012:0071 (php)
- ELSA-2012-0033 Moderate: Oracle Linux php security update
- RHSA-2012:0019: php53 and php security update
- ELSA-2012-1046 Moderate: Oracle Linux php security update
- USN-1358-1: PHP vulnerabilities
- RHSA-2012:0071: php security update
- FreeBSD: php -- multiple vulnerabilities (Multiple CVEs)