Check Point Advisories

PHP Session Serializer Session Data Injection (CVE-2010-3065)

Check Point Reference: CPAI-2013-2987
Date Published: 20 Oct 2013
Severity: Critical
Last Updated: Tuesday 01 January, 2013
Source: CVE-2010-3065
Protection Provided by:
Who is Vulnerable? PHP 5.2 to 5.2.13
PHP 5.3 to 5.3.2
Vulnerability Description A Session Data Injection vulnerability has been reported in php framework.
Vulnerability DetailsThe vulnerability is due to insufficient validation of request parameters. A remote attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation could result in modification of superglobal variables.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK