Description
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Remediation
References
Related Vulnerabilities
WordPress Plugin BuddyPress Security Bypass (6.3.0)
Internet Information Services Other Vulnerability (CVE-2005-2089)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7002)
WordPress Plugin Membership Simplified Multiple SQL Injection Vulnerabilities (1.58)
Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-46784)