Hi All, I have PHP-4.2.3. As per http://security.e-matters.de/advisories/112004.html , my PHP is vulnerable. I have a overview of the problem. Can someone answer my questions which make my understanding of the problem even better? 1)Only code that tries to create/initialize a Non-Persistent hash table is vulnerable under certain cases. True or False. 2)How come some remote attacker can set the Destructor to point to the function of his choice? 3)Where can I get the patch for this vulnerablity for PHP-4.2.3. 4)Can some one point to the executable test case for this problem so that I can test before and after incorporating the fix?
With regards Kamesh Jayachandran -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
