Vulnerabilities

CVE-2007-1711

by Fred · 26/03/2007

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007).

Date published : 2007-03-26

http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

http://www.securityfocus.com/bid/23121

Similar

Tags: Cybersecurity Alert