Description
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.
Remediation
References
Related Vulnerabilities
PHP Out-of-bounds Read Vulnerability (CVE-2019-11035)
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.14)
Oracle JRE CVE-2014-0458 Vulnerability (CVE-2014-0458)
WordPress Plugin Simple Video Embedder Cross-Site Scripting (2.2)
WordPress Plugin Simple Schools Staff Directory Arbitrary File Upload (1.1)