by Sabari Selvan on Sunday, October 19, 2014
The PHP development team has released new versions in order to fix three security vulnerabilities -one of them is said to be a critical one and leads to remote code execution.
The vulnerability identified as "CVE-2014-3669" can cause an integer overflow when parsing specially crafted serialized data with the unserialize ().The vulnerability is only a 32-bit system, but the danger is caused by the breach and that the serialized data often come from user-controlled channels.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.