Description

PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors.

Remediation

References

CVE-2011-3267

Related Vulnerabilities

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27947)

WordPress Plugin Button Widget Smartsoft Cross-Site Request Forgery (1.0.1)

Jboss EAP Improper Input Validation Vulnerability (CVE-2016-3110)

WordPress Plugin Tweet Wheel Multiple Cross-Site Scripting Vulnerabilities (1.0.3.2)

WordPress Plugin PayPal Digital Goods powered by Cleeng Cross-Site Scripting (2.2.13)

Severity

Medium

Classification

CVE-2011-3267

Tags

Missing Update Known Vulnerabilities