Description
The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Insert or Embed Articulate Content into WordPress Security Bypass (4.2996)
Jetty Integer Overflow or Wraparound Vulnerability (CVE-2017-7657)
WordPress Plugin WP-Stats 'author' Parameter SQL Injection (2.0)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2080)
WordPress Plugin WordPress Poll Multiple SQL Injection Vulnerabilities (33.5)