CVE-2017-7963

** DISPUTED ** The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior."

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://bugs.php.net/bug.php?id=74308	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-04-19 15:59

Updated : 2024-08-05 17:15

NVD link : CVE-2017-7963

Mitre link : CVE-2017-7963

CVE.ORG link : CVE-2017-7963

JSON object : View

Products Affected

php

php

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

{"id": "CVE-2017-7963", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-04-19T15:59:00.287", "references": [{"url": "https://bugs.php.net/bug.php?id=74308", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating \"There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior."}, {"lang": "es", "value": "** DISPUTADA ** Las interfaces GNU Multiple Precision Arithmetic Library (GMP) para PHP hasta la versi\u00f3n 7.1.4 permiten a atacantes provocar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de operaciones en cadenas largas. NOTA: el proveedor se opone a esto, declarando: \"No hay ning\u00fan problema de seguridad aqu\u00ed, porque GMP aborta de forma segura en caso de una condici\u00f3n de OOM. El \u00fanico vector de ataque aqu\u00ed es la denegaci\u00f3n de servicio. Sin embargo, si permite asignaciones no limitadas controladas por el atacante, tiene un vector DoS independientemente del comportamiento OOM de GMP\"."}], "lastModified": "2024-08-05T17:15:26.923", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C695FB97-098F-48B5-90E9-79D3A626263A", "versionEndIncluding": "7.1.4"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}