CVE-2011-1464

Published: 19 March 2011

Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent attackers to cause a denial of service (application crash) via a small numerical value in the argument.

Priority

Medium

Status

Package Release Status
php5
Launchpad, Ubuntu, Debian
Upstream
Released (5.3.6)
Patches:
Upstream: http://svn.php.net/viewvc?view=revision&revision=308525