Description

Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.

Remediation

References

CVE-2012-0789

Related Vulnerabilities

PHP Numeric Errors Vulnerability (CVE-2011-4566)

PHP Other Vulnerability (CVE-2002-0484)

Ampache Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-4665)

WordPress Plugin WP BASE Booking of Appointments, Services and Events PHP Object Injection (3.5.0)

ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1000307)

Severity

Medium

Classification

CVE-2012-0789

Tags

Missing Update Known Vulnerabilities