Description

Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.

Remediation

References

CVE-2012-0789

Related Vulnerabilities

WordPress Plugin Annonces 'abspath' Parameter Remote File Include (1.2.0.0)

WordPress Plugin White Label CMS Cross-Site Scripting (1.5.2)

ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-5954)

qdPM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18468)

WordPress Plugin Social Network Tabs Information Disclosure (1.7.1)

Severity

Medium

Classification

CVE-2012-0789

Tags

Missing Update Known Vulnerabilities