The PHP developers have eliminated four vulnerabilities in their products
The update fixed a vulnerability that could lead to an integer overflow.
PHP developers have released a patches 5.6.2, 5.5.18 and 5.4.34 for your scripting language that eliminates four vulnerabilities, including CVE-2014-1668, CVE-2014-3669 and CVE-2014-3670.
All holes were discovered in September of this year. The most dangerous of the patched vulnerabilities is CVE-2014-3669. It can cause an integer overflow when parsing specially designed serialize data using the unserialize () function. (more…)