Home » CVE Vulnerabilities » CVE-2006-1490
CVE-2006-1490 PHP before 5.1.3-RC1 might allow remote
- CVE ID: CVE-2006-1490
- Vendors:
- Date: November 30, -0001
- Severity: Low
- Impact score: 0.00
- Exploit score: 0.00
PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to as a "memory leak," but it is an information leak that discloses memory contents.