Jump to content
Sign in to follow this  

Advisories MDVSA-2010:255: php-intl

Recommended Posts

A vulnerability was discovered and corrected in php-intl:


Integer overflow in the NumberFormatter::getSymbol (aka

numfmt_get_symbol) function in PHP 5.3.3 and earlier allows

context-dependent attackers to cause a denial of service (application

crash) via an invalid argument (CVE-2010-4409).


The updated packages have been upgraded to php-intl-1.1.2 and patched

to correct this issue.

Share this post

Link to post
Share on other sites
This topic is now closed to further replies.
Sign in to follow this  

  • Create New...