Description

PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors.

Remediation

References

CVE-2011-3267

Related Vulnerabilities

Joomla! Core 3.4.x Cross-Site Scripting (3.4.0 - 3.4.3)

WordPress Plugin VDZ VERIFICATION (Custom Meta Tags) Cross-Site Scripting (1.3.12)

Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2017-0898)

WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-17359)

OpenSSL Use After Free Vulnerability (CVE-2023-0215)

Severity

Medium

Classification

CVE-2011-3267

Tags

Missing Update Known Vulnerabilities