CIS CYBER SECURITY ADVISORY NUMBER: 2015-011 DATE(S) ISSUED: 02/10/2015 SUBJECT: A Vulnerability in PHP Could Allow Remote Code Execution OVERVIEW: A vulnerability has been discovered in the PHP which could allow an attacker to remotely disclose source code and potentially execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of a webserver. Failed attempts will likely result in denial-of-service conditions. http://msisac.cisecurity.org/advisories/2015/2015-011.cfm Matt Stehouwer Technology Manager Michigan State University College of Natural Science Deans Office 288 Farm Lane RM 154 East Lansing, MI 48824 517 355-9003 | Email: [log in to unmask]<mailto:[log in to unmask]> Linked-In: www.linkedin.com/in/mattstehouwer/<http://www.linkedin.com/in/mattstehouwer/>