CVE-2010-2225: Use After Free
First published: Fri Jun 18 2010(Updated: )
A vulnerability was found in the SplObjectStorage unserializer. If the PHP unserialize() function is used by a script on untrusted data provided by a remote attacker the attacker may be able to force an information leak or remote execution of code on the server. This was reported by Stefan Esser at the SyScan'10 Conference in Singapore.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHP | =5.2.9 | |
| PHP | =5.2.7 | |
| PHP | =5.2.2 | |
| PHP | =5.2.5 | |
| PHP | =5.2.12 | |
| PHP | =5.2.11 | |
| PHP | =5.2.6 | |
| PHP | =5.2.3 | |
| PHP | =5.2.13 | |
| PHP | =5.2.0 | |
| PHP | =5.2.4 | |
| PHP | =5.2.10 | |
| PHP | =5.2.1 | |
| PHP | =5.2.8 | |
| PHP | =5.3.1 | |
| PHP | =5.3.0 | |
| PHP | =5.3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://pastebin.com/mXGidCsd
- http://twitter.com/i0n1c/statuses/16373156076
- http://www.securityfocus.com/bid/40948
- https://bugzilla.redhat.com/show_bug.cgi?id=605641
- http://twitter.com/i0n1c/statuses/16447867829
- http://secunia.com/advisories/40860
- http://www.debian.org/security/2010/dsa-2089
- http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
- http://support.apple.com/kb/HT4312
- http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
- http://marc.info/?l=bugtraq&m=133469208622507&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59610
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=605645
- http://php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage-deserialization-use-after-free-vulnerability/
- http://svn.php.net/viewvc?view=revision&revision=300843
- http://nibbles.tuxfamily.org/?p=1837
- http://www.php.net/releases/5_3_3.php
Frequently Asked Questions
What is the severity of CVE-2010-2225?
CVE-2010-2225 is considered a critical vulnerability that can lead to information disclosure and remote code execution.
How do I fix CVE-2010-2225?
To fix CVE-2010-2225, upgrade to a patched version of PHP that addresses this vulnerability.
Which versions of PHP are affected by CVE-2010-2225?
CVE-2010-2225 affects multiple PHP versions, including 5.2.0 through 5.2.13 and 5.3.0 to 5.3.2.
What types of attacks can be executed due to CVE-2010-2225?
CVE-2010-2225 can be exploited to perform remote code execution or information leakage through insecure unserialization.
Who reported the CVE-2010-2225 vulnerability?
CVE-2010-2225 was reported by Stefan Esser.
- agent/type
- agent/first-publish-date
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-2225
- agent/trending
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/php
- canonical/php
- version/php/5.2.9
- version/php/5.2.7
- version/php/5.2.2
- version/php/5.2.5
- version/php/5.2.12
- version/php/5.2.11
- version/php/5.2.6
- version/php/5.2.3
- version/php/5.2.13
- version/php/5.2.0
- version/php/5.2.4
- version/php/5.2.10
- version/php/5.2.1
- version/php/5.2.8
- version/php/5.3.1
- version/php/5.3.0
- version/php/5.3.2