Li, Sebastian Jun Nan
Date of Issue2017-11-16
School of Computer Science and Engineering
We present the application of a state of the art data fuzzing program American Fuzzy Lop (AFL) to discover new vulnerabilities that could be present in PHP. We will walk through the discovery, submission and patching of a newly found bug in PHP. The bug was first discovered in PHP version 7.0.16 and 5.6.30 and subsequently patched in version 7.0.21. The bug is presented with CVE- 2017-11144, with the implication of a DOS attack.
Final Year Project (FYP)
Nanyang Technological University