Description
The php_url_parse_ex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via vectors involving the smart_str data type.
Remediation
References
Related Vulnerabilities
WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Request Forgery (2.2)
Drupal CVE-2014-9016 Vulnerability (CVE-2014-9016)
Oracle Database Server CVE-2014-6577 Vulnerability (CVE-2014-6577)
Apache HTTP Server Other Vulnerability (CVE-2001-0731)
WordPress Plugin WolfNet IDX for WordPress Multiple Unspecified Vulnerabilities (1.14.7)