There is a vulnerability posted in June under CVE-2010-2225 regarding a bug in the PHP SplObjectStorage. I found an excellent analysis made for this vulnerability, including a POC. More information at http://nibbles.tuxfamily.org/?p=1837#more-1837. If you use PHP and a vulnerable version, find the patch at http://svn.php.net/viewvc?view=revision&revision=300843. -- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org |
Manuel Humberto Santander Pelaacuteez 195 Posts ISC Handler Jul 4th 2010 |
Thread locked Subscribe |
Jul 4th 2010 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!