Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says Not sure if this qualifies as security issue (probably not).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Php | Php | 5.6.1 | 5.6.1 |
Php | Php | 5.6.0 | 5.6.0 |
Php | Php | 5.6.5 | 5.6.5 |
Php | Php | 7.0.4 | 7.0.4 |
Php | Php | 5.6.12 | 5.6.12 |
Php | Php | 5.6.13 | 5.6.13 |
Php | Php | 5.6.0 | 5.6.0 |
Php | Php | 5.6.0 | 5.6.0 |
Php | Php | 5.6.4 | 5.6.4 |
Php | Php | 7.0.3 | 7.0.3 |
Php | Php | 5.6.6 | 5.6.6 |
Php | Php | 7.0.1 | 7.0.1 |
Php | Php | 5.6.0 | 5.6.0 |
Php | Php | 5.6.18 | 5.6.18 |
Php | Php | 5.6.11 | 5.6.11 |
Php | Php | 5.6.2 | 5.6.2 |
Php | Php | 5.6.10 | 5.6.10 |
Php | Php | * | 5.5.33 |
Php | Php | 5.6.0 | 5.6.0 |
Php | Php | 5.6.7 | 5.6.7 |
Php | Php | 5.6.0 | 5.6.0 |
Php | Php | 5.6.15 | 5.6.15 |
Php | Php | 7.0.2 | 7.0.2 |
Php | Php | 5.6.0 | 5.6.0 |
Php | Php | 5.6.17 | 5.6.17 |
Php | Php | 5.6.16 | 5.6.16 |
Php | Php | 5.6.9 | 5.6.9 |
Php | Php | 5.6.0 | 5.6.0 |
Php | Php | 5.6.3 | 5.6.3 |
Php | Php | 7.0.0 | 7.0.0 |
Php | Php | 5.6.8 | 5.6.8 |
Php | Php | 5.6.14 | 5.6.14 |
Php | Php | 5.6.19 | 5.6.19 |
Php | Php | 5.6.0 | 5.6.0 |