Description
The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.
Remediation
References
Related Vulnerabilities
OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
Oracle Database Server CVE-2011-0835 Vulnerability (CVE-2011-0835)
MongoDb Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2025-10059)
Masa CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-32641)
WordPress Plugin Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7)