Latest YouTube Video

Wednesday, April 29, 2015

[FD] Type Confusion Infoleak and Heap Overflow Vulnerability in unserialize() with exception

# Type Confusion Infoleak and Heap Overflow Vulnerability in unserialize() with exception Taoguang Chen <[@chtg](http://github.com/chtg)> - Write Date: 2015.3.3 - Release Date: 2015.4.28 > A type confusion vulnerability was discovered in exception object's __toString()/getTraceAsString() method that can be abused for leaking arbitrary memory blocks or heap overflow. Affected Versions

Source: Gmail -> IFTTT-> Blogger

No comments: