Description
Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function.
Remediation
References
Related Vulnerabilities
WordPress 3.7.x Cross-Site Request Forgery (3.7 - 3.7.28)
Oracle Database Server CVE-2009-1996 Vulnerability (CVE-2009-1996)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2038)
WordPress Plugin AJAX Random Post Cross-Site Scripting (2.00)
WordPress Plugin YouTube Gallery-Best YouTube Video Gallery Cross-Site Scripting (3.2.1)