Description
Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function.
Remediation
References