PHP Str_Replace() Integer Overflow Vulnerability

PHP Str_Replace() Integer Overflow Vulnerability

PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a buffer-overflow and corrupt process memory.

Exploiting this issue may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue affects versions prior to PHP 4.4.5 and 5.2.1.