Description

The ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent attackers to execute arbitrary code.

Remediation

References

CVE-2007-1379

Related Vulnerabilities

WordPress Plugin BuddyPress Multiple Security Bypass Vulnerabilities (7.2.1)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple Vulnerabilities (8.0.4)

WordPress Plugin Multisite Plugin Manager Multiple Cross-Site Scripting Vulnerabilities (3.1.1)

OpenSSL CVE-2014-3511 Vulnerability (CVE-2014-3511)

MySQL CVE-2020-14873 Vulnerability (CVE-2020-14873)

Severity

Medium

Classification

CVE-2007-1379

Tags

Missing Update Known Vulnerabilities