Description

Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions).

Remediation

References

CVE-2008-1384

Related Vulnerabilities

MyBB Insertion of Sensitive Information into Log File Vulnerability (CVE-2015-8977)

WordPress Plugin W3 Total Cache Multiple Unspecified Vulnerabilities (0.9.5.1)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-9691)

WordPress Plugin LOGIN AND REGISTRATION ATTEMPTS LIMIT Cross-Site Request Forgery (2.1)

MySQL CVE-2020-14785 Vulnerability (CVE-2020-14785)

Severity

Medium

Classification

CVE-2008-1384

Tags

Missing Update Known Vulnerabilities