Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27050
HistorySep 26, 2011 - 12:00 a.m.

Security issue is_a function in PHP 5.3.7+

2011-09-2600:00:00
vulners.com
64
JSON

PHP 5.3.7 changed the behavior of the is_a() function, used to check if an object is an instance of a class, to call the __autoload() function. This causes a remote code execute problem when coupled with a standard library like PEAR that internally uses is_a to check if a returned variable is an Error object or not.

An unprotected __autoload() function that blindly includes based upon the variable it receives can be tricked into including a remote file by, for example, uploading a specially crafted file containing a link to a remote website.

Full explanation + code example has been posted on our website at http://www.byte.nl/blog/2011/09/23/security-bug-in-is_a-function-in-php-5-3-7-5-3-8/ and has been e-mailed to [email protected]


Cipriano Groenendal

JSON