Description
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer over-read.
Remediation
References
Related Vulnerabilities
WordPress Plugin Brandfolder-Digital Asset Management Simplified Local/Remote File Inclusion (3.0)
WordPress Plugin JupiterX Core Security Bypass (2.0.6)
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0114)
SharePoint CVE-2021-31181 Vulnerability (CVE-2021-31181)
WordPress Plugin WordPress Landing Pages SQL Injection (1.2.1)