Description

The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.

Remediation

References

CVE-2007-4659

Related Vulnerabilities

PleskLin URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-24044)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11823)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1564)

Joomla Deserialization of Untrusted Data Vulnerability (CVE-2019-7743)

WeBid Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-5101)

Severity

High

Classification

CVE-2007-4659

Tags

Missing Update Known Vulnerabilities