Description
The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.
Remediation
References
Related Vulnerabilities
Python CVE-2020-27619 Vulnerability (CVE-2020-27619)
Dolphin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3728)
MySQL CVE-2015-0507 Vulnerability (CVE-2015-0507)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0763)
WordPress Plugin Backup Migration Arbitrary File Download (1.3.6)