A bug in a security update to PHP 5.3.9 has created a critical vulnerability, potentially allowing hackers to inject and execute code remotely.
The security update was originally created to prevent Denial of Service attacks, but the method used by the developers potentially allows a hacker to inject malicious code through a buffer overflow.
While PHP have not issued an official advisory about the problem, they are aware of the problem and are currently developing a security update.
PHP is the scripting language that many popular content management systems, including WordPress, Joomla and Drupal, are written in.
Comments