php: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c

Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...

USN-3059-1 xmlrpc-epi vulnerability

It was discovered that xmlrpc-epi incorrectly handled lengths in the simplestringaddn function. A remote attacker could use this issue to cause applications using xmlrpc-epi such as PHP to crash, resulting in a denial of service, or possibly execute arbitrary code...