PHP 5.3.10 released to fix a serious bug
Posted by Esvon Support on 03 February 2012 11:45 AM
The well known security expert Stefan Esser, Suhosin developer, has revealed again yet another serious security bug in PHP 5.3.9.|
This time it is a bug that allows arbitrary remote code execution. This means that it allows to run arbitrary code on the server, injected by an eventual attacker, so it can be used to cause many types of damage inside a server.
We recommend you to upgrade to PHP 5.3.10 because if you are not vulnerable to this remote code execution security bug, you are vulnerable to the hash collision problem which was fixed in 5.3.9
P.S. Suhosin is a PHP extension that is meant to protect PHP installations against known and unknown PHP security bugs