|
PHP PHP_Binary Heap Information Leak Vulnerability
PHP 'php_binary' serialization handler is prone to a heap-information leak. The vulnerability arises because of a missing boundary check in the extraction of variable names. A local attacker can exploit this issue to obtain sensitive information (such as heap offsets and canaries) that may aid in other attacks. These versions are affected: PHP4 versions prior to 4.4.5 PHP5 versions prior to 5.2.1 Updates are available. |
|
|
Privacy Statement |
