PHP WDDX Session Deserialization Information Leak Vulnerability

The PHP WDDX extension's session serialization handler is prone to a stack-information leak.

The vulnerability arises from improper initialization of a 'key_length' variable. A local attacker can exploit this issue to obtain sensitive information (such as stack offsets, variables, and canaries) that may aid in other attacks.

These versions are reported affected:

PHP4 versions prior to 4.4.5
PHP5 versions prior to 5.2.1

Updates are available.

NOTE: This issue was previously discussed in BID 22496, but has been assigned its own record because new information has become available.
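To triage an inventory against the affected ranges listed above, the following added example (not part of the original advisory) classifies reported PHP version strings by branch. The host names, sample version strings and function names are constructed for illustration.

```python
import re

# First fixed release per major branch, taken from the advisory text:
# PHP4 prior to 4.4.5 and PHP5 prior to 5.2.1 are reported affected.
FIXED = {4: (4, 4, 5), 5: (5, 2, 1)}

# Accepts forms such as "5.2.0", "PHP/5.2.0", "PHP 4.4.4 (cli)", "5.1.6-3build1".
_VERSION_RE = re.compile(r"^\s*(?:PHP[/ ])?(\d+)\.(\d+)\.(\d+)", re.IGNORECASE)


def parse_php_version(text):
    """Return (major, minor, patch) or None if no x.y.z version is present."""
    match = _VERSION_RE.match(text)
    if match is None:
        return None
    return tuple(int(part) for part in match.groups())


def wddx_leak_status(text):
    """Classify one version string against the advisory's affected ranges."""
    version = parse_php_version(text)
    if version is None:
        return "unknown"        # cannot decide; inspect the host manually
    fixed = FIXED.get(version[0])
    if fixed is None:
        return "not-listed"     # branch is not mentioned in the advisory
    # Vendor suffixes are ignored: a distribution package may carry a
    # backported fix, so "affected" means "check the vendor's advisory".
    return "affected" if version < fixed else "fixed"


def triage(inventory):
    """Map host -> status for a {host: version string} inventory."""
    return {host: wddx_leak_status(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE_INVENTORY = {
    "web01": "PHP/5.2.0",
    "web02": "5.2.1",
    "legacy01": "PHP 4.4.4 (cli)",
    "legacy02": "4.4.5",
    "build01": "5.1.6-3build1",
    "misc01": "n/a",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```

The check looks only at the version number; it does not determine whether the WDDX extension is loaded or used as the session serialization handler on a given host.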

Copyright 2010, SecurityFocus