VDB
CVE-2017-11146
CVE-2017-11146
PUBLISHED
In PHP existieren mehrere Schwachstellen im Zusammenhang mit folgenden Komponenten: Core, GD, mbsting OpenSSL, PCRE, WDDX. Ein entfernter anonymer Angreifer kann diese Schwachstelle nutzen, um Informationen offenzulegen, Dateien zu manipulieren, beliebigen Programmcode mit den Rechten des Dienstes ausführen zu können und einen Denial of Service Zustand herbeizuführen.
EPSS 0.27% · 67.8th percentile
Risk Scores
EPSS Score
0.27%
67.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SUSE | SUSE Linux | |
| Ubuntu | Ubuntu Linux | |
| Debian | Debian Linux | |
| Amazon | Amazon Linux 2 | |
| Red Hat | Red Hat Enterprise Linux | |
| NetApp | NetApp Data ONTAP |
Timeline
- Jul 9, 2017 CVE Published
- Dec 4, 2023 CVE Updated
- Feb 8, 2024 EPSS Score
- Feb 22, 2024 EPSS Score
- Mar 7, 2024 EPSS Score
- Mar 20, 2024 EPSS Score
- Apr 3, 2024 EPSS Score
- Apr 17, 2024 EPSS Score
- May 1, 2024 EPSS Score
- May 15, 2024 EPSS Score
- May 29, 2024 EPSS Score
- Jun 11, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2023-2718.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2718 advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2375.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2311.html advisory
- http://php.net/ChangeLog-5.php#5.6.31 advisory
- http://php.net/ChangeLog-7.php#7.0.21 advisory
- http://php.net/ChangeLog-7.php#7.1.7 advisory
- http://www.ubuntu.com/usn/usn-3382-1/ advisory
- https://www.suse.com/support/update/announcement/2017/suse-su-20172303-1.html advisory
- https://www.suse.com/support/update/announcement/2017/suse-su-20172317-1.html advisory
- https://www.suse.com/support/update/announcement/2017/suse-su-20172522-1.html advisory
- https://www.suse.com/support/update/announcement/2017/suse-su-20173237-1.html advisory
- https://www.suse.com/support/update/announcement/2017/suse-su-20173277-1.html advisory
- http://www.ubuntu.com/usn/usn-3382-2/ advisory
- https://www.suse.com/support/update/announcement/2018/suse-su-20180003-1.html advisory
- http://www.debian.org/security/2018/dsa-4080 advisory
- http://www.debian.org/security/2018/dsa-4081 advisory
- https://security.netapp.com/advisory/ntap-20180112-0001/ advisory
- https://access.redhat.com/errata/RHSA-2018:1296 advisory