Description
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-1999-0238)
WordPress Plugin Ultimate Instagram Feed Unspecified Vulnerability (1.3)
WordPress Plugin Import/Export Customizer Settings Cross-Site Request Forgery (1.0.3)
WordPress Plugin Tidio Gallery Multiple Vulnerabilities (1.1)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3586)