PHP5 prior to 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |
||
redhat enterprise linux 5.0 |
||
redhat enterprise linux 6.0 |
||
debian debian linux 8.0 |