Unrated severityNVD Advisory· Published Mar 20, 2007· Updated Jun 16, 2026
CVE-2007-1521
CVE-2007-1521
Description
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
21- www.php-security.org/MOPB/MOPB-22-2007.htmlnvdExploitVendor Advisory
- secunia.com/advisories/24505nvdVendor Advisory
- secunia.com/advisories/25025nvdVendor Advisory
- secunia.com/advisories/25057nvdVendor Advisory
- secunia.com/advisories/25062nvdVendor Advisory
- docs.info.apple.com/article.htmlnvd
- lists.apple.com/archives/security-announce//2007/Jul/msg00004.htmlnvd
- secunia.com/advisories/25056nvd
- secunia.com/advisories/25445nvd
- secunia.com/advisories/26235nvd
- security.gentoo.org/glsa/glsa-200705-19.xmlnvd
- us2.php.net/releases/4_4_7.phpnvd
- us2.php.net/releases/5_2_2.phpnvd
- www.debian.org/security/2007/dsa-1282nvd
- www.debian.org/security/2007/dsa-1283nvd
- www.novell.com/linux/security/advisories/2007_32_php.htmlnvd
- www.securityfocus.com/bid/22968nvd
- www.securityfocus.com/bid/25159nvd
- www.ubuntu.com/usn/usn-455-1nvd
- www.vupen.com/english/advisories/2007/0960nvd
- www.vupen.com/english/advisories/2007/2732nvd
News mentions
0No linked articles in our index yet.