Integer overflow in the str_pad function in ext/standard/string.c in PHP prior to 7.0.4 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |
||
opensuse leap 42.1 |
||
opensuse opensuse 13.2 |