Description
The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution.
Remediation
References
Related Vulnerabilities
WordPress Plugin Afterpay Gateway for WooCommerce Cross-Site Scripting (3.2.0)
PHP Out-of-bounds Read Vulnerability (CVE-2015-2325)
WordPress Plugin Ketchup Restaurant Reservations Multiple Vulnerabilities (1.0.0)
Oracle Application Server CVE-2006-3706 Vulnerability (CVE-2006-3706)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1159)