Description

The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference.

Remediation

References

CVE-2011-0420

Related Vulnerabilities

Oracle Application Server CVE-2008-2614 Vulnerability (CVE-2008-2614)

Squid Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-28652)

WordPress Plugin underConstruction Cross-Site Request Forgery (1.08)

WordPress Plugin WP Plugin Info Card Unspecified Vulnerability (2.3.6)

WordPress Plugin MaxBlogPress Max Banner Ads Cross-Site Scripting (1.9)

Severity

Medium

Classification

CVE-2011-0420

Tags

Missing Update Known Vulnerabilities