PHP developers have fixed a number of vulnerabilities that would have allowed remote code execution.
High-Tech Bridge researchers had discovered the vulnerabilities, the most critical being CVE-2014-3669, which, Security Lab Russia said “can cause an integer overflow when parsing specially crafted serialized data with the [unserialized].”
While it only applies to a 32-bit system, the vulnerability can wreak havoc. The two other vulnerabilities patched were CVE-2014-3668 and CVE-2014-3669, correcting errors “associated with the introduction of a null byte in he library cURL.
More than 80 percent of all websites on the internet are written in the server-side scripting and general-purpose programming language.