Double free vulnerability in PHP prior to 4.4.7, and 5.x prior to 5.2.2, allows context-dependent malicious users to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php php |