The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x up to and including 5.3.3, allows context-dependent malicious users to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
scottmac libmbfl 1.1.0 |