Description
Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow.
Remediation
References
Related Vulnerabilities
Grafana Improper Verification of Cryptographic Signature Vulnerability (CVE-2022-31123)
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8942)
WordPress Plugin Download from files Arbitrary File Upload (1.48)
MySQL CVE-2021-2031 Vulnerability (CVE-2021-2031)
Nginx Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-16845)