Out-of-bounds reads in zif_grapheme_stripos with negative offset

Disclosed: 2019-10-13 18:21:26 By fms To ibb

Unknown

Vulnerability Details

https://bugs.php.net/bug.php?id=72061 grapheme_stripos from the intl extension had a security issue when handling negative offsets, this allowed to read from arbitrary memory locations. Reported to developers on 2016-04-24, fixed 2016-04-29 and released at 2016-04-28, affected PHP 5.5 , 5.6 and 7. http://php.net/ChangeLog-5.php#5.5.35 http://php.net/ChangeLog-5.php#5.6.21 http://php.net/ChangeLog-7.php#7.0.6

Actions

View on HackerOne

Report Stats

Report ID: 135291
State: Closed
Substate: resolved
Upvotes: 2

Out-of-bounds reads in zif_grapheme_stripos with negative offset

Vulnerability Details

Actions

Report Stats

Share this report