Jump to content

Advisories MDVSA-2010:255: php-intl


Recommended Posts

A vulnerability was discovered and corrected in php-intl:


Integer overflow in the NumberFormatter::getSymbol (aka

numfmt_get_symbol) function in PHP 5.3.3 and earlier allows

context-dependent attackers to cause a denial of service (application

crash) via an invalid argument (CVE-2010-4409).


The updated packages have been upgraded to php-intl-1.1.2 and patched

to correct this issue.

Link to comment
Share on other sites

This topic is now closed to further replies.

  • Create New...