Description

Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation.

Remediation

References

CVE-2007-1521

Related Vulnerabilities

OpenSSL Inefficient Regular Expression Complexity Vulnerability (CVE-2023-3446)

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1611)

Serendipity Other Vulnerability (CVE-2005-1449)

WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors SQL Injection (2.0.2)

WordPress Plugin Gravity Forms Cross-Site Scripting (1.9.15.11)

Severity

Medium

Classification

CVE-2007-1521

Tags

Missing Update Known Vulnerabilities