#Use After Free Vulnerability in unserialize() with SPL ArrayObject
Taoguang Chen <@chtg> - Write Date: 2015.7.30 - Release Date: 2015.8.7
A use-after-free vulnerability was discovered in unserialize() with SPL ArrayObject object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely.
Affected is PHP 5.6 < 5.6.12
Affected is PHP 5.5 < 5.5.28