Month of PHP Bugs – Day 4

Two more PHP vulnerabilities exposed in Day 4 of the Month of PHP Bugs project raising the bug count to 11:

  1. PHP php_binary Session Deserialization Information Leak Vulnerability Malformed session data in php_binary format might leak a portion of heap data into PHP variables.
  2. PHP WDDX Session Deserialization Information Leak Vulnerability Numerical keys in session data in WDDX format might leak an arbitrary portion of stack data into PHP variables.

Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback. Print This Post Print This Post

Subscribe without commenting

Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.

CommentLuv badge