Description

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.

Remediation

References

CVE-2010-2225

Related Vulnerabilities

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13760)

WordPress Plugin WebEngage Feedback, Survey and Notification Cross-Site Scripting (2.0.0)

WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.4)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.8.3)

WordPress Plugin Facebook Button by BestWebSoft Cross-Site Scripting (2.33)

Severity

High

Classification

CVE-2010-2225

Tags

Missing Update Known Vulnerabilities