oss-sec mailing list archives
Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize()
From: Tomas Hoger <thoger () redhat com>
Date: Thu, 9 Apr 2015 10:45:47 +0200
On Fri, 20 Mar 2015 20:35:59 +0100 Andrea Palazzo wrote:
Hi everyone, I'd like to request a CVE for the PHP Sec Bug #69085. Description: SoapClient's __call() method is prone to a type confusion vulnerability which can be used to gain remote code execution through unsafe unserialize() calls. Info: https://bugs.php.net/bug.php?id=69085
Re-sending with cve-assign@ CC. -- Tomas Hoger / Red Hat Product Security
Current thread:
- Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize() Tomas Hoger (Apr 09)
- Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize() Tomas Hoger (May 27)
- <Possible follow-ups>
- Re: CVE Request: PHP SoapClient's __call() type confusion through unserialize() cve-assign (Jun 01)