Back to search
CVE-2007-1521
Published: Mar 20, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2007-0960
vdb-entry
x_refsource_VUPEN
ADV-2007-2732
vdb-entry
x_refsource_VUPEN
25056
third-party-advisory
x_refsource_SECUNIA
DSA-1283
vendor-advisory
x_refsource_DEBIAN
24505
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2007-07-31
vendor-advisory
x_refsource_APPLE
GLSA-200705-19
vendor-advisory
x_refsource_GENTOO
http://us2.php.net/releases/4_4_7.php
x_refsource_CONFIRM
25062
third-party-advisory
x_refsource_SECUNIA
USN-455-1
vendor-advisory
x_refsource_UBUNTU
DSA-1282
vendor-advisory
x_refsource_DEBIAN
http://us2.php.net/releases/5_2_2.php
x_refsource_CONFIRM
http://docs.info.apple.com/article.html?artnum=306172
x_refsource_CONFIRM
http://www.php-security.org/MOPB/MOPB-22-2007.html
x_refsource_MISC
25159
vdb-entry
x_refsource_BID
25445
third-party-advisory
x_refsource_SECUNIA
25057
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2007:032
vendor-advisory
x_refsource_SUSE
25025
third-party-advisory
x_refsource_SECUNIA
22968
vdb-entry
x_refsource_BID
26235
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now