Description

The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation.

Remediation

References

CVE-2011-0421

Related Vulnerabilities

WordPress Plugin Backup Scheduler Cross-Site Request Forgery (1.5.13)

Apache Tomcat Other Vulnerability (CVE-2001-0590)

WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.3)

MySQL CVE-2015-4767 Vulnerability (CVE-2015-4767)

WordPress Plugin WP Scrippets Cross-Site Scripting (1.5.1)

Severity

Medium

Classification

CVE-2011-0421

Tags

Missing Update Known Vulnerabilities