CVE-2011-3379

2011-11-03T15:55:00
ID CVE-2011-3379
Type cve
Reporter cve@mitre.org
Modified 2012-07-03T04:02:00

Description

The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.