WS-2012-0021
February 04, 2012
In php-src, PHP-5.4.1-RC1 to PHP_5_2_15RC1, there is a Buffer overflow vulnerability exists in “php_html_entities()” function which may be triggered by a large input to the “htmlspecialchars()” PHP function. This may lead to a denial of service, and even allow remote code execution.
Related Resources (1)
Do you need more information?
Contact UsCVSS v3
Base Score:
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH
