Description

The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources.

Remediation

References

CVE-2007-1582

Related Vulnerabilities

Zikula Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0911)

Mibew Messenger Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0829)

MySQL CVE-2017-3329 Vulnerability (CVE-2017-3329)

WordPress Plugin Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7)

WordPress Plugin wp heyloyalty Remote Code Execution (1.1.4)

Severity

Medium

Classification

CVE-2007-1582

Tags

Missing Update Known Vulnerabilities