← back
CVE-2011-1468

CVE-2011-1468

EPSS 13.2%
Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/35487unverifiedexploitdbwww.exploit-db.com/exploits/35486unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugs.php.net/bug.php?id=54060http://bugs.php.net/bug.php?id=54061http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlhttp://support.apple.com/kb/HT5002http://www.mandriva.com/security/advisories?name=MDVSA-2011:053http://www.php.net/ChangeLog-5.phphttp://www.redhat.com/support/errata/RHSA-2011-1423.htmlhttp://www.securityfocus.com/bid/46977http://www.vupen.com/english/advisories/2011/0744