A bug has been found in the popular web site scripting language PHP which theoretically could be used in a DoS attack against a web site. The bug is related to the way PHP 5.2 and 5.3 convert largest double-precision floating-point numbers from strings. The number in question is 2.2250738585072011e-308 and if a script wants to convert this from a string the CPU goes into an infinite loop. This could theoretically be used to mount a denial of service attack on a web site and send the CPU into overdrive.
The problem is known to only affect x86 32-bit PHP processes, regardless of whether the system hosting PHP is 32-bit or 64-bit. This is because 32-bit PHP processes use the x87 FPU for doing the conversion where as 64-bit processes use SSE.
The PHP team saw this as a critical bug and have released versions 5.3.5 and 5.2.17 to tackle the problem. It is strongly recommended that you upgrade to the new versions.