Description
The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference.
Remediation
References
Related Vulnerabilities
Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8166)
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-5954)
WordPress Plugin Age Gate Unspecified Vulnerability (2.18.5)
WordPress Plugin OneSignal-Web Push Notifications Cross-Site Scripting (1.17.7)
WordPress Plugin Insert or Embed Articulate Content into WordPress Security Bypass (4.2996)