CVE-2011-1467

Published: 19 March 2011

Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409.

Priority

Status

Package	Release	Status
php5 Launchpad, Ubuntu, Debian	Upstream	Released (5.3.6)







	Patches: Upstream: http://svn.php.net/viewvc?view=revision&revision=306154 Upstream: http://svn.php.net/viewvc?view=revision&revision=306157

Notes

Author	Note
sbeattie	ext/intl had not been merged into core php yet in 5.2.x branch

References

Bugs

http://bugs.php.net/bug.php?id=53512

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading