Description
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2626 Vulnerability (CVE-2019-2626)
WordPress Plugin Lazy Load Cross-Site Scripting (0.6)
Drupal CVE-2017-6930 Vulnerability (CVE-2017-6930)
YOURLS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3824)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.42)