Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8
From: Pierre Joye <pierre.php () gmail com>
Date: Sun, 25 Sep 2011 19:22:19 +0200

On Sun, Sep 25, 2011 at 6:38 PM, Rasmus Lerdorf <rasmus () php net> wrote:
So
are we talking about the tiny number of people who have explicitly
enabled allow_url_include and are running the code with this bad autoloader?

Yes, and that's why it is a very very minor problem. However it was
not happening before the code change. The few cases where the class
names&co have been sanitize before and the developer did not think
about cases like the one describe in the blog post. I think it is even
more rare combination, but it was not happening before our change.


-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault