Vulnerability Management

PHP vulnerabilities patched

PHP developers have fixed a number of vulnerabilities that would have allowed remote code execution.

High-Tech Bridge researchers had discovered the vulnerabilities, the most critical being CVE-2014-3669, which, Security Lab Russia said “can cause an integer overflow when parsing specially crafted serialized data with the [unserialized].”

While it only applies to a 32-bit system, the vulnerability can wreak havoc. The two other vulnerabilities patched were CVE-2014-3668 and CVE-2014-3669, correcting errors “associated with the introduction of a null byte in he library cURL.

More than 80 percent of all websites on the internet are written in the server-side scripting and general-purpose programming language.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.