Description
Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function (Zend/zend_alloc.c).
Remediation
References
Related Vulnerabilities
Jboss EAP Resource Management Errors Vulnerability (CVE-2016-7046)
Grafana Improper Verification of Cryptographic Signature Vulnerability (CVE-2022-31123)
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-1967)
MySQL Divide By Zero Vulnerability (CVE-2019-16168)
WordPress Plugin AllWebMenus WordPress Menu 'actions.php' Arbitrary File Upload (1.1.8)