PHP Printf() Function 64bit Casting Multiple Format String Vulnerabilities

PHP is prone to multiple format-string vulnerabilities due to a design error when casting 64-bit variables to 32 bits.

Attackers may be able to exploit these issues to execute arbitrary code in the context of the webserver process or to cause denial-of-service conditions.

These issues affect PHP versions prior to 4.4.5 and 5.2.1 running on 64-bit computers.
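
A triage check for the affected range stated above, as an added example that is not part of the original advisory. The function names, the architecture lists and the reading of "prior to 4.4.5 and 5.2.1" as two separate release branches are assumptions made for illustration.

```python
import re

# Fixed releases named in the advisory.
FIXED_4 = (4, 4, 5)
FIXED_5 = (5, 2, 1)

# Constructed lists of `uname -m` style machine names (assumption, not exhaustive).
ARCH_64 = {"x86_64", "amd64", "aarch64", "ia64", "ppc64", "ppc64le", "sparc64", "s390x"}
ARCH_32 = {"i386", "i486", "i586", "i686", "armv6l", "armv7l"}


def parse_version(text):
    """Extract (major, minor, patch) from strings such as
    'PHP 5.2.0 (cli)' or a distro package version like '5.2.0-8+etch7'."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def triage(version_text, machine):
    """Return 'affected', 'not affected' or 'unknown' for one host."""
    ver = parse_version(version_text)
    if ver is None:
        return "unknown"
    # Assumed reading: anything older than 4.4.5, or a 5.x release older than 5.2.1.
    old_4 = ver < FIXED_4
    old_5 = ver[0] == 5 and ver < FIXED_5
    if not (old_4 or old_5):
        return "not affected"
    # The advisory limits the issue to 64-bit machines.
    arch = machine.strip().lower()
    if arch in ARCH_32:
        return "not affected"
    if arch in ARCH_64:
        return "affected"
    return "unknown"


if __name__ == "__main__":
    # Constructed inventory rows: (host, reported PHP version, machine type).
    inventory = [
        ("web01", "PHP 5.2.0 (cli)", "x86_64"),
        ("web02", "5.2.1", "x86_64"),
        ("legacy", "4.4.4", "i686"),
    ]
    for host, version, machine in inventory:
        print(host, triage(version, machine))
```

Distribution packages can carry backported fixes without changing the upstream version number, so an "affected" result on a vendor build should be confirmed against that vendor's own advisory.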


 

Copyright 2010, SecurityFocus