Description
The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, and (6) strtr functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.
Remediation
References
Related Vulnerabilities
WordPress Plugin bbPress SQL Injection (2.5.14)
WordPress Plugin Featured Posts by BestWebSoft Cross-Site Scripting (1.0.0)
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)
WordPress Plugin Ultimate Membership Pro SQL Injection (6.4)
Zope Web Application Server Other Vulnerability (CVE-2006-4684)