PHP variables unset use after free vulnerability

2007-03-25T00:00:00
ID SECURITYVULNS:VULN:7473
Type securityvulns
Reporter PHP-SECURITY
Modified 2007-03-25T00:00:00

Description

There is no access counters for _SESSION and HTTP_SESSION_VARS variables, making it possible to trigger use-after-free conditions by unsetting these variables. In addition, it's possible to deserealize these variables.