11-02-2005, 08:21 AM
Quote:The open-source PHP Group has shipped a new version of the general-purpose scripting language to fix several potentially serious security vulnerabilities.
The flaws addressed in the PHP 4.4.1 update are rated "moderately critical" by security alerts aggregator Secunia Inc.
...the patch corrects seven flaws and 35 other defects.
The most serious of the bugs could be exploited by malicious hackers to launch cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.
full article: http://www.eweek.com/article2/0,1895,1880431,00.asp