Java unserialize remote code execution hole hits Commons Collections, JBoss, WebSphere, WebLogic A remote code vulnerability residing in the widely used Apache Commons library has put many Java ...

But in code you want to unserialize it so you can access the contents.<BR><BR>On the other hand, I don't know shit about PHP but that is my understanding of serialization in general.

"Since PHP allows object serialization, an unauthenticated user could pass ad-hoc serialized strings to a vulnerable unserialize call, resulting in an arbitrary PHP object (s) injection into the ...

Researchers have built proof-of-concept exploits for an unpatched unserialize vulnerability in Apache Commons Collections, a library used in most Java rollouts. For close to 10 months, a critical ...

Developers at PHP recently patched a bug that can lead to a heap-based buffer overflow. UPDATE Developers at PHP recently pushed out a series of patches to fix a handful of vulnerabilities ...