Description
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation.
Remediation
References
Related Vulnerabilities
MySQL CVE-2013-0384 Vulnerability (CVE-2013-0384)
WordPress Plugin Gallery-Image and Video Gallery with Thumbnails SQL Injection (2.0.3)
MySQL Improper Access Control Vulnerability (CVE-2025-50081)
WordPress Plugin jQuery Reply to Comment Cross-Site Request Forgery (1.31)
Internet Information Services Other Vulnerability (CVE-1999-1375)