PHP 'php_register_variable_ex()' Function Arbitrary Code Execution Vulnerability

PHP is prone to an arbitrary-code-execution vulnerability.

An attacker could exploit this issue to execute arbitrary code in the context of the application. Failed exploits will result in a denial-of-service condition.

This issue is introduced in the fix for CVE-2011-4885 (BID 51193).

PHP 5.3.9 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus