Monthly Archives: December 2004

Just saw the announcement on Slashdot by the Hardened-PHP Project. The vulnerabilities include pack(), unpack(), safe_mode_exec_dir bypass in multithreaded PHP, realpath() and unserialize().