Description

Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.

Remediation

References

CVE-2011-1468

Related Vulnerabilities

OpenSSL Out-of-bounds Read Vulnerability (CVE-2016-6306)

WordPress Plugin WP-SpamFree Anti-Spam Cross-Site Scripting (2.1.1.6)

IBM RTC Inadequate Encryption Strength Vulnerability (CVE-2017-1701)

MySQL CVE-2014-6484 Vulnerability (CVE-2014-6484)

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-7981)

Severity

Medium

Classification

CVE-2011-1468

Tags

Missing Update Known Vulnerabilities