Date: Thu, 9 Apr 2015 10:45:47 +0200 From: Tomas Hoger <thoger@...hat.com> To: cve-assign@...re.org Cc: Andrea Palazzo <andrea.palazzo@...el.it>, oss-security@...ts.openwall.com, security@....net Subject: Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize() On Fri, 20 Mar 2015 20:35:59 +0100 Andrea Palazzo wrote: > Hi everyone, > I'd like to request a CVE for the PHP Sec Bug #69085. > > Description: > SoapClient's __call() method is prone to a type confusion > vulnerability which can be used to gain remote code execution through > unsafe unserialize() calls. > > Info: > https://bugs.php.net/bug.php?id=69085 Re-sending with cve-assign@ CC. -- Tomas Hoger / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ