Enter your email address:

Delivered by FeedBurner

feedburner count

PHP fixed Remote Code Execution Vulnerabilities.

Labels: ,

The susceptibility determined as "CVE-2014-3669" could induce an integer overflow when analyzing specifically crafted serialized information with the unserialize (). The susceptibility is simply a 32-bit system, however the risk is induced by the violation which the serialized information usually originate from user-controlled stations.

On top of that, the updates have actually been dealt with mistakes connected with the intro of a void byte in the collection cURL, calling the harm vibrant memory throughout handling of the changed information as a feature of exif_thumbnail () in photo handling (CVE-2014-3670), along with buffer overflow in the feature mkgmtime () from the component XMLRPC (CVE-2014-3668).

These susceptibilities were uncovered by the Study laboratory of IT protection business High-Tech Bridge.

The brand-new models 5.6.2,5.5.18 and also 5.4.34 address these 3 susceptibilities.

The PHP advancement group has actually launched brand-new models in order to repair 3 protection susceptibilities -among them is stated to be a crucial one as well as brings about remote code implementation.

Get Articles from this blog via E-mail !

subscribe to Hackbook.net Enter your email address:


Post a Comment

Post a Comment