Описание
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-2225
- https://bugzilla.redhat.com/show_bug.cgi?id=605641
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59610
- http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
- http://marc.info/?l=bugtraq&m=133469208622507&w=2
- http://pastebin.com/mXGidCsd
- http://secunia.com/advisories/40860
- http://support.apple.com/kb/HT4312
- http://twitter.com/i0n1c/statuses/16373156076
- http://twitter.com/i0n1c/statuses/16447867829
- http://www.debian.org/security/2010/dsa-2089
- http://www.securityfocus.com/bid/40948
EPSS
CVE ID
Связанные уязвимости
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Use-after-free vulnerability in the SplObjectStorage unserializer in P ...
EPSS