CVE-2011-0753

PHP < 5.3.4 - Denial of Service via PCNTL Extension Signal Handler Race Condition

Title source: llm
STIX 2.1

Description

Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals.

References (4)

Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.php.net/ChangeLog-5.php
Patch x_refsource_confirm
http://bugs.php.net/52784
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65431
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12271

Scores

EPSS 0.0053
EPSS Percentile 67.2%

Details

CWE
CWE-362
Status published
Products (45)
php/php 1.0
php/php 2.0
php/php 2.0b10
php/php 3.0
php/php 3.0.1
php/php 3.0.2
php/php 3.0.3
php/php 3.0.4
php/php 3.0.5
php/php 3.0.6
... and 35 more
Published Feb 02, 2011
Tracked Since Feb 18, 2026