Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Interesting analysis of the PHP SplObjectStorage Vulnerability

Published: 2010-07-04
Last Updated: 2010-07-04 20:23:57 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
0 comment(s)

There is a vulnerability posted in June under CVE-2010-2225 regarding a bug in the PHP SplObjectStorage. I found an excellent analysis made for this vulnerability, including a POC. More information at

If you use PHP and a vulnerable version, find the patch at

-- Manuel Humberto Santander Peláez | | | msantand at isc dot sans dot org

0 comment(s)
Diary Archives