CVE-2007-1380 (retired)

Priority
Description
The php_binary serialization handler in the session extension in PHP before
4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain
sensitive information (memory contents) via a serialized variable entry
with a large length value, which triggers a buffer over-read.
Package
Source: php5 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-08-23 08:12:46 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)