Public Date:
605641: CVE-2010-2225 php: SplObjectStorage unserialization flaws (MOPS-2010-061)

The MITRE CVE dictionary describes this issue as:

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.

Find out more about CVE-2010-2225 from the MITRE CVE dictionary dictionary and NIST NVD.


Not vulnerable. This issue did not affect the versions of php as shipped with Red Hat Enterprise Linux 3, 4, or 5.

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 php Not affected