Description

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access.

Remediation

References

CVE-2007-2844

Related Vulnerabilities

WordPress Plugin My Category Order 'parentID' Parameter SQL Injection (2.8)

Atlassian Jira CVE-2020-36237 Vulnerability (CVE-2020-36237)

WordPress Plugin Magic Post Voice Cross-Site Scripting (1.2)

Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43164)

WordPress Plugin GarageSale Cross-Site Scripting (1.2.2)

Severity

Critical

Classification

CVE-2007-2844

Tags

Missing Update Known Vulnerabilities