Description
Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Poll Multiple SQL Injection and Security Bypass Vulnerabilities (34.04)
WordPress Plugin User Meta Manager Information Disclosure (3.4.7)
Jboss EAP CVE-2016-5018 Vulnerability (CVE-2016-5018)
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10130)
WordPress Plugin Booster for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)