Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2014-9912 - Vulnerability Database
PHP

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2014-9912

Critical
Reference: CVE-2014-9912
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-9912
Title: PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Overview:

The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29 5.4.x before 5.4.30 and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument.