Description

Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent attackers to cause a denial of service (application crash) via a small numerical value in the argument.

Remediation

References

CVE-2011-1464

Related Vulnerabilities

Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26271)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6615)

WordPress 5.6.x Directory Traversal (5.6 - 5.6.13)

Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12386)

WebLogic CVE-2021-1996 Vulnerability (CVE-2021-1996)

Severity

Medium

Classification

CVE-2011-1464 CWE-119

Tags

Missing Update Known Vulnerabilities