Description

Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.

Remediation

References

CVE-2010-4409

Related Vulnerabilities

MySQL CVE-2019-2991 Vulnerability (CVE-2019-2991)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3747)

WordPress Plugin Abandoned Cart Pro for WooCommerce Cross-Site Scripting (7.11.1)

phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-13376)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-8994)

Severity

Medium

Classification

CVE-2010-4409

Tags

Missing Update Known Vulnerabilities