The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability.
Publish Date : 2007-09-13 Last Update Date : 2017-09-28
Because the argument passed to the dl() function are always under the control of the author, Mandriva does not consider this a security issue.
The argument passed to the dl() function must always be under the control of the script author. We therefore do not consider this to be a security issue.
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify
a vulnerability or a missing patch. Check out the OVAL definitions
if you want to learn what you should do to verify a vulnerability.