Description
The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google Analytics Dashboard Cross-Site Scripting (2.1.1)
WordPress Plugin File Manager Cross-Site Request Forgery (3.0.1)
WordPress Plugin Disqus Comment System Multiple Cross-Site Request Forgery Vulnerabilities (2.77)
WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23437)
Oracle Database Server CVE-2023-21949 Vulnerability (CVE-2023-21949)