vulnerability
Ubuntu: (Multiple Advisories) (CVE-2017-11144): PHP vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jul 10, 2017 | Aug 10, 2017 | Mar 27, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jul 10, 2017
Added
Aug 10, 2017
Modified
Mar 27, 2026
Description
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.
Solutions
ubuntu-upgrade-libapache2-mod-php5ubuntu-upgrade-libapache2-mod-php7-0ubuntu-upgrade-php5ubuntu-upgrade-php5-cgiubuntu-upgrade-php5-cliubuntu-upgrade-php5-fpmubuntu-upgrade-php7-0-cgiubuntu-upgrade-php7-0-cliubuntu-upgrade-php7-0-fpm
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.