Description

Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.

Remediation

References

CVE-2011-1148

Related Vulnerabilities

WordPress Plugin 404 SEO Redirection SQL Injection (1.0)

WordPress Plugin Premmerce Wholesale Pricing for WooCommerce Security Bypass (1.1.3)

WordPress Plugin AGP Font Awesome Collection Cross-Site Scripting (2.7.2)

MySQL Other Vulnerability (CVE-2002-1923)

IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4697)

Severity

High

Classification

CVE-2011-1148

Tags

Missing Update Known Vulnerabilities