← back
CVE-2010-2225

CVE-2010-2225

EPSS 5.3%
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.htmlhttp://marc.info/?l=bugtraq&m=133469208622507&w=2http://pastebin.com/mXGidCsdhttps://bugzilla.redhat.com/show_bug.cgi?id=605641http://secunia.com/advisories/40860https://exchange.xforce.ibmcloud.com/vulnerabilities/59610http://support.apple.com/kb/HT4312http://twitter.com/i0n1c/statuses/16373156076http://twitter.com/i0n1c/statuses/16447867829http://www.debian.org/security/2010/dsa-2089