Description
The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution.
Remediation
References
Related Vulnerabilities
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (4.4.3)
WordPress Plugin WP Database Reset Multiple Security Bypass Vulnerabilities (3.1)
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3348)
Oracle Database Server CVE-2006-0263 Vulnerability (CVE-2006-0263)
Moodle Improper Input Validation Vulnerability (CVE-2020-1756)