{"id":"CVE-2017-11147","details":"In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.","modified":"2026-04-11T03:56:49.614016Z","published":"2017-07-10T14:29:00.697Z","related":["SUSE-SU-2017:2303-1","SUSE-SU-2017:2317-1","SUSE-SU-2017:2522-1"],"references":[{"type":"WEB","url":"http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=e5246580a85f031e1a3b8064edbaa55c1643a451"},{"type":"ADVISORY","url":"http://php.net/ChangeLog-5.php"},{"type":"ADVISORY","url":"http://php.net/ChangeLog-7.php"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/99607"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20180112-0001/"},{"type":"ADVISORY","url":"https://www.tenable.com/security/tns-2017-12"},{"type":"REPORT","url":"https://bugs.php.net/bug.php?id=73773"},{"type":"FIX","url":"http://openwall.com/lists/oss-security/2017/07/10/6"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/php/php-src","events":[{"introduced":"0"},{"fixed":"195427c55481d9913ac9dd3fbcedf2f7c637e6de"},{"introduced":"60fffd296abce5fc071f3c173c25a2696cf683c6"},{"fixed":"cc766d7730bdec064e32f8009154fa672b34ef9b"},{"introduced":"0221e9f827632942225586687a33cfd554860d5e"},{"fixed":"9abbc3cc6d0f448435ca38bef694f671bf7303d8"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.6.30"},{"introduced":"7.0.0"},{"fixed":"7.0.15"},{"introduced":"7.1.0"},{"fixed":"7.1.1"}]}}],"versions":["POST_64BIT_BRANCH_MERGE","POST_AST_MERGE","POST_PHP7_NSAPI_REMOVAL","POST_PHP7_REMOVALS","POST_PHPNG_MERGE","PRE_64BIT_BRANCH_MERGE","PRE_AST_MERGE","PRE_PHP7_EREG_MYSQL_REMOVALS","PRE_PHP7_NSAPI_REMOVAL","PRE_PHP7_REMOVALS","php-5.6.30RC1","php-7.0.15RC1","php-7.1.1RC1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11147.json","vanir_signatures_modified":"2026-04-11T03:56:49Z","vanir_signatures":[{"signature_type":"Function","target":{"function":"_gd2GetHeader","file":"ext/gd/libgd/gd_gd2.c"},"deprecated":false,"source":"https://github.com/php/php-src/commit/9abbc3cc6d0f448435ca38bef694f671bf7303d8","id":"CVE-2017-11147-12d1fca6","signature_version":"v1","digest":{"length":2665,"function_hash":"291942526429879441159894536430346133521"}},{"signature_type":"Line","target":{"file":"ext/gd/libgd/gd_gd2.c"},"deprecated":false,"source":"https://github.com/php/php-src/commit/9abbc3cc6d0f448435ca38bef694f671bf7303d8","id":"CVE-2017-11147-a887e78f","signature_version":"v1","digest":{"line_hashes":["268808390959611610380382661363715926383","332457077737297600470842301867489262455","183820387990733455444215637150999073887","296117839669516092864788658433251533836"],"threshold":0.9}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}