WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Other Vulnerability (CVE-2007-1711)

Description

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007).

Remediation

References

Related Vulnerabilities

WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Scripting (2.5.2.1)

WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Security Bypass (3.5.4)

Oracle Application Server CVE-2006-0283 Vulnerability (CVE-2006-0283)

Oracle Database Server CVE-2009-1970 Vulnerability (CVE-2009-1970)

Drupal Core 8.8.x Security Bypass (8.8.0 - 8.8.7)

Severity

Medium

Classification

CVE-2007-1711

Tags

Missing Update Known Vulnerabilities