Description

PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors.

Remediation

References

CVE-2011-3267

Related Vulnerabilities

Ruby Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-1891)

MySQL CVE-2014-6568 Vulnerability (CVE-2014-6568)

WordPress Plugin Helpful Security Bypass (4.5.14)

Oracle Database Server CVE-2013-3789 Vulnerability (CVE-2013-3789)

MySQL CVE-2020-2930 Vulnerability (CVE-2020-2930)

Severity

Medium

Classification

CVE-2011-3267

Tags

Missing Update Known Vulnerabilities