

Exploiting Memory Corruption Bugs in PHP Part 3: Popping Remote Shells - maplesyrupguy
http://www.inulledmyself.com/2015/05/exploiting-memory-corruption-bugs-in.html

======
0x0
Is this a 0day PHP exploit for SPLObjectStorage? Or is this [https://security-
tracker.debian.org/tracker/CVE-2015-0231](https://security-
tracker.debian.org/tracker/CVE-2015-0231) ?

~~~
dmix
> This post will be the first post in a three part series, starting with how
> to exploit CVE-2014-8142(and CVE-2015-0231), followed by remotely leaking
> arbitrary information, and ending with getting control of the PHP
> Interpreter. Stefan Esser(@i0n1c) is the security researcher who originally
> found both CVEs, and was also the first one to talk about controlling the
> PHP Interpreter(dubbed ret2php) at SyScan 2010.

