WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Out-of-bounds Write Vulnerability (CVE-2024-11233)

Description

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.

Remediation

References

Related Vulnerabilities

PHP Integer Overflow or Wraparound Vulnerability (CVE-2010-1866)

MySQL CVE-2024-20973 Vulnerability (CVE-2024-20973)

Drupal Core 8.5.x Multiple Vulnerabilities (8.5.0 - 8.5.14)

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5651)

WordPress Plugin SportsPress-Sports Club & League Manager Cross-Site Scripting (2.7.1)

Severity

High

Classification

CVE-2024-11233 CWE-787 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Tags

Missing Update Known Vulnerabilities