UBUNTU-CVE-2016-4070

Integer overflow in the phprawurlencode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service application crash via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this...

PT-2016-3413 · Php +2 · Php +2

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.5.34 PHP versions 5.6.x prior to 5.6.20 PHP versions 7.x prior to 7.0.5 Description: The issue is related to an integer overflow in the php raw url encode function, which can be exploited by remote attackers to cause a...