Description

The ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent attackers to execute arbitrary code.

Remediation

References

CVE-2007-1379

Related Vulnerabilities

WordPress Plugin WP Mail Logging Cross-Site Scripting (1.11.1)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-0930)

Jboss EAP Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2016-4993)

ZenCart Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2024-5762)

Squid Incorrect Conversion between Numeric Types Vulnerability (CVE-2023-46848)

Severity

Medium

Classification

CVE-2007-1379

Tags

Missing Update Known Vulnerabilities