CVE-2007-1522

Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to execute arbitrary code via illegal characters in a session identifier, which is rejected by an internal session storage module, which calls the session identifier generator with an improper environment, leading to code execution when the generator is interrupted, as demonstrated by triggering a memory limit violation or certain PHP errors.

Published: Mar 20, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-1522
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
php / php	5.2.0	5.2.0.x
php / php	5.2.1	5.2.1.x

http://secunia.com/advisories/24505
http://secunia.com/advisories/25056
http://www.novell.com/linux/security/advisories/2007_32_php.html
http://www.php-security.org/MOPB/MOPB-23-2007.html
http://www.securityfocus.com/bid/22971
http://www.vupen.com/english/advisories/2007/0960

Vulnerability Database

289,697

CVE-2007-1522