Integer overflow in the php_filter_encode_url function in
ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers
to cause a denial of service or possibly have unspecified other impact via
a long string, leading to a heap-based buffer overflow.
Author | Note |
---|---|
mdeslaur | same fix as CVE-2016-4344 |