Description
Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (7.1.04)
MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-6664)
MySQL CVE-2017-3648 Vulnerability (CVE-2017-3648)
Squid Improper Input Validation Vulnerability (CVE-2009-2855)
WordPress Plugin Post Lists View Custom Cross-Site Scripting (1.7.1)