info
discussion
exploit
solution
references
PHP 'SplObjectStorage' Unserializer Arbitrary Code Execution Vulnerability
References:
Bug 605641 - (CVE-2010-2225) CVE-2010-2225 PHP unsafe unserialize() use flaw
(Josh Bressers)
MOPS-2010-061: PHP SplObjectStorage Deserialization Use-After-Free Vulnerability
(Stefan Esser)
PHP Homepage
(PHP)
USN-989-1: PHP vulnerabilities
(Ubuntu)
Privacy Statement
Copyright 2010, SecurityFocus
