Description
Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data.
Remediation
References
Related Vulnerabilities
WordPress Plugin Contact Form DB Cross-Site Request Forgery (2.8.31)
WordPress Plugin Filtre de Surveillance Gouvernemental Cross-Site Scripting (1.1)
WordPress Plugin Fotobook Cross-Site Scripting (3.2.3)
WebLogic CVE-2019-2649 Vulnerability (CVE-2019-2649)
WordPress Plugin DeMomentSomTres Subscribe Cross-Site Scripting (201909190900)