Month Of PHP Security - PHP’s iconv_mime_decode() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
d18872107c1dda39b76981664dc3403c8e50ea470b81d3b0498d2a2b02444189