# Type Confusion Infoleak and Heap Overflow Vulnerability in unserialize() with exception Taoguang Chen <[@chtg](http://github.com/chtg)> - Write Date: 2015.3.3 - Release Date: 2015.4.28 > A type confusion vulnerability was discovered in exception object's __toString()/getTraceAsString() method that can be abused for leaking arbitrary memory blocks or heap overflow. Affected Versions
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment