The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Php | Php | 5.3.8 (including) | 5.3.8 (including) |