Computer Security
[EN] securityvulns.ru no-pyccku


PHP is_a function vulnerability
Published:26.09.2011
Source:
SecurityVulns ID:11919
Type:library
Threat Level:
5/10
Description:Function behaviour is changed, making different application relying upon it behavior potentially vulnerable.
Affected:PHP : PHP 5.3
CVE:CVE-2011-3379 (The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.)
Original documentdocumentcipri_(at)_byte.nl, Security issue is_a function in PHP 5.3.7+ (26.09.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod