(update assigned CVE-2012-0830). The funny thing is that this vulnerability was introduced in the fix for the hash collision DOS (CVE-2011-4885) reported in December. http://www.php.net/archive/2012.php#id2012-02-02-1 Poc: https://gist.github.com/1725489 Reference: http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/ Reproducible: Always
*** This bug has been marked as a duplicate of bug 401997 ***