** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not)."
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
Php Php 5.6.18 (not an official CPE)
Php Php 5.6.17 (not an official CPE)
Php Php 5.6.16 (not an official CPE)
Php Php 5.6.15 (not an official CPE)
Php Php 5.6.14 (not an official CPE)
Php Php 5.6.13 (not an official CPE)
Php Php 5.6.12 (not an official CPE)
Php Php 5.6.11 (not an official CPE)
Php Php 5.6.10 (not an official CPE)
Php Php 5.6.9 (not an official CPE)
Php Php 5.6.8 (not an official CPE)
PHP 5.6.7
PHP 5.6.6
PHP 5.6.5
PHP 5.6.4
PHP 5.6.3
PHP 5.6.2
Php Php 5.6.1 (not an official CPE)
PHP 5.6.0 beta4
PHP 5.6.0 beta3
PHP 5.6.0 beta2
PHP 5.6.0 beta1
PHP 5.6.0 alpha5
PHP 5.6.0 alpha4
PHP 5.6.0 alpha3
PHP 5.6.0 alpha2
PHP 5.6.0 alpha1
Php Php 5.5.33 (not an official CPE)
Php Php 5.6.19 (not an official CPE)
Php Php 7.0.0 (not an official CPE)
Php Php 7.0.1 (not an official CPE)
Php Php 7.0.2 (not an official CPE)
Php Php 7.0.3 (not an official CPE)
Php Php 7.0.4 (not an official CPE)