Description
Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-1561 Vulnerability (CVE-2013-1561)
PHP Other Vulnerability (CVE-2009-4017)
WordPress Plugin Google Sitemap by BestWebSoft Cross-Site Scripting (3.0.7)
WordPress Plugin Fast Secure Contact Form 'index.php' Cross-Site Scripting (3.0.3.1)
WordPress Plugin Social Share Icons & Social Share Buttons Security Bypass (2.4.5)