Vulnerability Name:

CVE-2017-6441 (CCN-214721)

Assigned: 2017-02-22
Published: 2017-02-22
Updated: 2017-04-10
Summary: ** DISPUTED ** The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script.
Note: the vendor disputes the classification of this as a vulnerability, stating "Please do not request CVEs for ordinary bugs. CVEs are relevant for security issues only."
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.0 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:U)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.3 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:U)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-476
Vulnerability Consequences: Denial of Service
References: Source: MITRE
Type: CNA
CVE-2017-6441

Source: CCN
Type: PHP Web site
Null pointer dereference in _zval_get_long_func_ex()

Source: XF
Type: UNKNOWN
php-cve20176441-dos(214721)

Source: CCN
Type: PHP GIT Repository
Fix potential crash when setting invalid declare value

Vulnerable Configuration: Configuration CCN 1:
  • cpe:/a:php:php:7.1.2:-:*:*:*:*:*:*

  • * Denotes that component is vulnerable
Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20176441 | V | CVE-2017-6441 | 2022-09-02
oval:org.opensuse.security:def:9885 | P | Security update for SDL2 (Important) (in QA) | 2022-01-12
oval:org.opensuse.security:def:10439 | P | Security update for SDL2 (Important) (in QA) | 2022-01-12
oval:org.opensuse.security:def:10710 | P | Security update for the Linux Kernel (Important) (in QA) | 2022-01-07
oval:org.opensuse.security:def:10372 | P | Security update for aaa_base (Moderate) | 2021-12-03
oval:org.opensuse.security:def:10176 | P | Security update for java-1_8_0-openjdk (Important) | 2021-11-23
oval:org.opensuse.security:def:38744 | P | Security update for bind (Important) | 2021-11-09
oval:org.opensuse.security:def:10170 | P | Security update for qemu (Important) | 2021-11-04
oval:org.opensuse.security:def:10154 | P | Security update for ghostscript (Critical) | 2021-09-15
oval:org.opensuse.security:def:10148 | P | Security update for ffmpeg (Important) | 2021-09-02
oval:org.opensuse.security:def:10140 | P | Security update for java-1_8_0-openjdk (Important) | 2021-08-20
oval:org.opensuse.security:def:13949 | P | libpython3_4m1_0-3.4.1-12.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14083 | P | apache2-2.4.23-28.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14264 | P | libnm-glib-vpn1-1.0.12-12.4 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14220 | P | libecpg6-9.6.3-2.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14288 | P | libsnmp30-32bit-5.7.3-4.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:13927 | P | libmms0-0.6.2-15.8 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:13919 | P | libjson-c2-0.11-2.15 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14065 | P | xlockmore-5.43-5.30 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14195 | P | libXfont1-1.5.1-10.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14948 | P | libQt5WebKit5-5.6.2-1.31 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14017 | P | python-libxml2-2.9.4-27.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14102 | P | colord-gtk-lang-0.1.26-6.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14275 | P | libpng16-16-1.6.8-14.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14926 | P | ipsec-tools-0.8.0-19.3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:11099 | P | Security update for fossil (Moderate) | 2021-07-17
oval:org.opensuse.security:def:10685 | P | Security update for the Linux Kernel (Important) | 2021-07-15
oval:org.opensuse.security:def:10112 | P | Security update for ovmf (Important) | 2021-06-25
oval:org.opensuse.security:def:10278 | P | Security update for ucode-intel (Important) | 2021-06-10
oval:org.opensuse.security:def:17189 | P | libmikmod3-3.2.0-4.59 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:124641 | P | php7-devel-7.0.7-50.52.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:11434 | P | pcsc-ccid-1.4.14-1.45 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17153 | P | NetworkManager-1.0.12-12.4 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:16349 | P | php7-devel-7.0.7-49.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:11412 | P | libvorbis0-1.3.3-8.23 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17122 | P | libjavascriptcoregtk-1_0-0-2.4.11-23.20 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:16635 | P | php7-devel-7.0.7-50.52.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17299 | P | telepathy-idle-0.2.0-1.62 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17065 | P | libgio-fam-2.38.2-5.12 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:10087 | P | Security update for polkit (Important) | 2021-06-03
oval:org.opensuse.security:def:10263 | P | Security update for ceph (Important) | 2021-06-02
oval:org.opensuse.security:def:9863 | P | Security update for git (Important) | 2021-03-09
oval:org.opensuse.security:def:10216 | P | Security update for wpa_supplicant (Important) | 2021-03-08
oval:org.opensuse.security:def:9855 | P | Security update for bind (Important) | 2021-03-02
oval:org.opensuse.security:def:10397 | P | Security update for salt (Critical) | 2021-02-26
oval:org.opensuse.security:def:10163 | P | Security update for python-urllib3 (Moderate) | 2021-02-08
oval:org.opensuse.security:def:10297 | P | Security update for go1.14 (Moderate) | 2021-01-26
oval:org.opensuse.security:def:11121 | P | Security update for viewvc (Moderate) | 2021-01-19
oval:org.opensuse.security:def:38319 | P | Security update for squid3 (Critical) | 2020-12-30
oval:org.opensuse.security:def:38677 | P | Security update for OpenEXR (Moderate) | 2020-12-21
oval:org.opensuse.security:def:16980 | P | vte2-devel-0.28.2-19.7 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:17388 | P | telepathy-gabble-0.18.3-5.7 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:17331 | P | kernel-default-extra-4.12.14-120.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:16946 | P | pango-devel-1.40.1-9.5 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:16938 | P | obs-service-set_version-0.5.11-1.3.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:16948 | P | php7-devel-7.0.7-50.85.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:38569 | P | cups on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10461 | P | lib3ds-1-3 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10814 | P | libxslt-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10453 | P | hplip-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17400 | P | Security update for ipmitool (Important) | 2020-12-01
oval:org.opensuse.security:def:10576 | P | nut-cgi on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:39468 | P | Security update for php7 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:18060 | P | Security update for java-1_8_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:37927 | P | libnm-glib-vpn1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:9993 | P | squidGuard on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10448 | P | gnome-shell-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38159 | P | cups-filters on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38409 | P | libzip2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10529 | P | libpcscspy0 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:39426 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:10610 | P | xfig on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17422 | P | Security update for compat-openssl098 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10761 | P | libmusicbrainz-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:9978 | P | python-requests on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38022 | P | pcsc-ccid on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38716 | P | libproxy1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38628 | P | kdump on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10483 | P | libapr1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10836 | P | php7-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38788 | P | quagga on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10591 | P | python3-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10752 | P | libjson-c-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:9931 | P | libusbmuxd4 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:18086 | P | Security update for php7 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:37938 | P | libpcsclite1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:37926 | P | libnghttp2-14 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10012 | P | w3m on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10774 | P | libplist++-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38261 | P | libXt6 on GA media (Moderate) | 2020-12-01
oval:com.ubuntu.precise:def:20176441000 | V | CVE-2017-6441 on Ubuntu 12.04 LTS (precise) - negligible. | 2017-04-03
oval:com.ubuntu.xenial:def:201764410000000 | V | CVE-2017-6441 on Ubuntu 16.04 LTS (xenial) - negligible. | 2017-04-03
oval:com.ubuntu.trusty:def:20176441000 | V | CVE-2017-6441 on Ubuntu 14.04 LTS (trusty) - negligible. | 2017-04-03
oval:com.ubuntu.xenial:def:20176441000 | V | CVE-2017-6441 on Ubuntu 16.04 LTS (xenial) - negligible. | 2017-04-03
    php php 7.1.2