The security researcher Sam Thomas from Secarma found a new exploitation technique that can lead to critical PHP object injection vulnerabilities without using the PHP function unserialize(). The new technique was announced at the BlackHat USA conference in his talk "It's a PHP Unserialization Vulnerability Jim, but Not as We Know It" [1]. It can enable attackers to escalate the severity of file-related vulnerabilities to remote code execution. We added the detection of this new type of attack to our RIPS Code Analysis engine.