|
|
PHP 5 Substr_Compare Integer Overflow Vulnerability
PHP 5 'substr_compare()' function is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. A local attacker can exploit this vulnerability to obtain sensitive information (such as stack offsets, variables, and canaries) that may aid in other attacks. PHP 5.2.1 and earlier versions are reported vulnerable to this issue. |
|
Privacy Statement |