VYPR
Unrated severityNVD Advisory· Published Mar 27, 2007· Updated Jun 16, 2026

CVE-2007-1711

CVE-2007-1711

Description

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • PHP/PHP3 versions
    cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*
    • (no CPE)range: 4.4.5, 4.4.6

Patches

Vulnerability mechanics

References

26

News mentions

0

No linked articles in our index yet.