Oval Definition:oval:com.ubuntu.trusty:def:201711362000
Revision Date:2017-07-17Version:1
Title:CVE-2017-11362 on Ubuntu 14.04 LTS (trusty) - low.
Description:In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformat_parse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact within International Components for Unicode (ICU) for C/C++ via a long first argument to the msgfmt_parse_message function.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-11362
Platform(s):Ubuntu 14.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 14.04 LTS (trusty) is installed.
  • AND The 'php5' package in trusty was vulnerable but has been fixed (note: '5.5.9+dfsg-1ubuntu4.22').
  • BACK