Description
Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.
Remediation
References
Related Vulnerabilities
Atlassian Jira Improper Privilege Management Vulnerability (CVE-2018-13400)
Grafana Improper Authentication Vulnerability (CVE-2018-15727)
Oracle JRE CVE-2014-0448 Vulnerability (CVE-2014-0448)
WordPress Plugin Form Builder-Create Responsive Contact Forms Cross-Site Scripting (1.9.8.3)
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-1402)