PHP S Data Type Serialization Format Heap Information Leak Vulnerability
The PHP 'S:' data type serialization handler is prone to a heap information leak. The vulnerability arises because of a missing boundary check in the unserialization of escaped strings. A local attacker can exploit this issue to obtain sensitive information (such as heap offsets and canaries) that may aid in other attacks. PHP 5.2.1 is affected.
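The boundary check whose absence the advisory describes, shown as an added example (not PHP's own code and not part of the original advisory). The names `hex_val` and `decode_escaped` are hypothetical, and the escape form (a backslash followed by two hex digits) is an assumption the advisory does not spell out.

```c
#include <stdio.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hex_val(unsigned char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/*
 * Decode exactly out_len bytes from in[0..in_len) into out.
 * Returns the number of input bytes consumed, or -1 if the input is
 * malformed or ends before out_len bytes have been produced.
 */
static long decode_escaped(const unsigned char *in, size_t in_len,
                           unsigned char *out, size_t out_len)
{
    size_t i = 0, o;
    int hi, lo;

    for (o = 0; o < out_len; o++) {
        if (i >= in_len)            /* declared length exceeds the data */
            return -1;
        if (in[i] != '\\') {        /* ordinary byte, copied as-is */
            out[o] = in[i++];
            continue;
        }
        if (in_len - i < 3)         /* escape needs '\' plus two digits */
            return -1;
        hi = hex_val(in[i + 1]);
        lo = hex_val(in[i + 2]);
        if (hi < 0 || lo < 0)       /* not a valid hex escape */
            return -1;
        out[o] = (unsigned char)((hi << 4) | lo);
        i += 3;
    }
    return (long)i;
}

int main(void)
{
    unsigned char buf[8];
    /* Constructed inputs: a valid payload, then a length claim the data cannot satisfy. */
    printf("%ld\n", decode_escaped((const unsigned char *)"\\41BC", 5, buf, 3));
    printf("%ld\n", decode_escaped((const unsigned char *)"AB", 2, buf, 5));
    return 0;
}
```

The decoder tracks remaining input separately from the declared output length, so a length field larger than the supplied data is rejected instead of being read from adjacent heap memory.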