PHP PHP_Binary Heap Information Leak Vulnerability
PHP 'php_binary' serialization handler is prone to a heap-information leak.
The vulnerability arises because of a missing boundary check in the extraction of variable names. A local attacker can exploit this issue to obtain sensitive information (such as heap offsets and canaries) that may aid in other attacks.
These versions are affected:
PHP4 versions prior to 4.4.5
PHP5 versions prior to 5.2.1
Updates are available.