Description
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation.
Remediation
References
Related Vulnerabilities
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014)
WebLogic CVE-2022-21564 Vulnerability (CVE-2022-21564)
WordPress Plugin Gravity Forms HubSpot Cross-Site Scripting (1.0.8)
Oracle Application Server CVE-2008-4017 Vulnerability (CVE-2008-4017)
WordPress Plugin WP Maintenance Mode Cross-Site Request Forgery (1.8.7)