Description

Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax.

Remediation

References

CVE-2011-0755

Related Vulnerabilities

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29009)

WordPress Plugin Abstract Submission Local File Inclusion (0.6)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-25152)

WordPress Plugin Simplr Registration Form Plus+ Privilege Escalation (2.4.3)

Apache HTTP Server Incorrect Calculation of Buffer Size Vulnerability (CVE-2004-0940)

Severity

Medium

Classification

CVE-2011-0755

Tags

Missing Update Known Vulnerabilities