Description
Integer overflow in the xml_utf8_encode function in ext/xml/xml.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long argument to the utf8_encode function, leading to a heap-based buffer overflow.
Remediation
References
Related Vulnerabilities
WordPress Plugin Frontend File Manager Arbitrary File Upload (3.9)
WordPress Plugin Zingiri Web Shop Cross-Site Scripting (2.4.2)
TYPO3 Improper Input Validation Vulnerability (CVE-2014-9509)
WordPress Plugin Code Snippets Cross-Site Scripting (2.6.1)
WordPress Plugin Contact Form 7 Integrations Multiple Cross-Site Scripting Vulnerabilities (1.3.10)