File tree 1 file changed +4
-3
lines changed 1 file changed +4
-3
lines changed Original file line number Diff line number Diff line change 1111 <div xmlns =" http://www.w3.org/1999/xhtml"
1212 <p >Recently, a bug in <strong >glibc</strong > version 2.39 and older (<a
1313 href =" https://nvd.nist.gov/vuln/detail/CVE-2024-2961" a >) was uncovered
14- where a buffer overflow in character set conversions *to* the
15- ISO-2022-CN-EXT character set.</p >
14+ where a buffer overflow in character set conversions <strong >to</strong >
15+ the ISO-2022-CN-EXT character set can result in remote code execution.
16+ </p >
1617
1718 <p >This specific buffer overflow in glibc is exploitable through PHP,
1819 which uses the iconv functionality in glibc to do character set
2223
2324 <p >There are numerous reports online with titles like "Mitigating the
2425 iconv Vulnerability for PHP (CVE-2024-2961)" or "PHP Under Attack". These
25- titles are misleading as this is <em >not</em > a bug in PHP itself.</p >
26+ titles are misleading as this is <strong >not</strong > a bug in PHP itself.</p >
2627
2728 <p >Currently there is no fix for this issue, but there is a workaround
2829 described in <a
You can’t perform that action at this time.
0 commit comments