Description
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument.
Remediation
References
Related Vulnerabilities
Joomla Cross-Site Request Forgery (CSRF) (CVE-2021-26033)
WordPress Plugin FV Flowplayer Video Player SQL Injection (7.3.18.727)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1901)
WordPress Plugin YouTube Cross-Site Request Forgery (11.8.1)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1509)