CVE-2010-2225: Use After Free
First published: Fri Jun 18 2010(Updated: )
A vulnerability was found in the SplObjectStorage unserializer. If the PHP unserialize() function is used by a script on untrusted data provided by a remote attacker the attacker may be able to force an information leak or remote execution of code on the server. This was reported by Stefan Esser at the SyScan'10 Conference in Singapore.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHP PHP | =5.2.9 | |
| PHP PHP | =5.2.7 | |
| PHP PHP | =5.2.2 | |
| PHP PHP | =5.2.5 | |
| PHP PHP | =5.2.12 | |
| PHP PHP | =5.2.11 | |
| PHP PHP | =5.2.6 | |
| PHP PHP | =5.2.3 | |
| PHP PHP | =5.2.13 | |
| PHP PHP | =5.2.0 | |
| PHP PHP | =5.2.4 | |
| PHP PHP | =5.2.10 | |
| PHP PHP | =5.2.1 | |
| PHP PHP | =5.2.8 | |
| PHP PHP | =5.3.1 | |
| PHP PHP | =5.3.0 | |
| PHP PHP | =5.3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://pastebin.com/mXGidCsd
- http://twitter.com/i0n1c/statuses/16373156076
- http://www.securityfocus.com/bid/40948
- https://bugzilla.redhat.com/show_bug.cgi?id=605641
- http://twitter.com/i0n1c/statuses/16447867829
- http://secunia.com/advisories/40860
- http://www.debian.org/security/2010/dsa-2089
- http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
- http://support.apple.com/kb/HT4312
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
- http://marc.info/?l=bugtraq&m=133469208622507&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59610
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=605645
- http://php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage-deserialization-use-after-free-vulnerability/
- http://svn.php.net/viewvc?view=revision&revision=300843
- http://nibbles.tuxfamily.org/?p=1837
- http://www.php.net/releases/5_3_3.php
- collector/nvd-index
- collector/nvd-historical
- agent/type
- agent/first-publish-date
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-2225
- agent/tags
- agent/trending
- vendor/php
- canonical/php php
- version/php php/5.2.0
- version/php php/5.2.1
- version/php php/5.2.2
- version/php php/5.2.3
- version/php php/5.2.4
- version/php php/5.2.5
- version/php php/5.2.6
- version/php php/5.2.7
- version/php php/5.2.8
- version/php php/5.2.9
- version/php php/5.2.10
- version/php php/5.2.11
- version/php php/5.2.12
- version/php php/5.2.13
- version/php php/5.3.0
- version/php php/5.3.1
- version/php php/5.3.2