Description
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation.
Remediation
References
Related Vulnerabilities
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2022-2097)
WordPress Plugin OdiHost Newsletter 'openstat.php' SQL Injection (1.0)
Oracle HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-1971)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2199)
Oracle Database Server CVE-2010-0866 Vulnerability (CVE-2010-0866)