Oval Definition:oval:org.opensuse.security:def:20071522
Revision Date:2012-07-03Version:1
Title:CVE-2007-1522
Description:

Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to execute arbitrary code via illegal characters in a session identifier, which is rejected by an internal session storage module, which calls the session identifier generator with an improper environment, leading to code execution when the generator is interrupted, as demonstrated by triggering a memory limit violation or certain PHP errors.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2007-1522
Platform(s):openSUSE 10.2
Product(s):
Definition Synopsis
  • suse102 is installed
  • AND Package Information
  • apache2-mod_php5 less than 5.2.0-14
  • OR php5-bcmath less than 5.2.0-14
  • OR php5-bz2 less than 5.2.0-14
  • OR php5-calendar less than 5.2.0-14
  • OR php5-ctype less than 5.2.0-14
  • OR php5-curl less than 5.2.0-14
  • OR php5-dba less than 5.2.0-14
  • OR php5-dbase less than 5.2.0-14
  • OR php5-devel less than 5.2.0-14
  • OR php5-dom less than 5.2.0-14
  • OR php5-exif less than 5.2.0-14
  • OR php5-fastcgi less than 5.2.0-14
  • OR php5-ftp less than 5.2.0-14
  • OR php5-gd less than 5.2.0-14
  • OR php5-gettext less than 5.2.0-14
  • OR php5-gmp less than 5.2.0-14
  • OR php5-hash less than 5.2.0-14
  • OR php5-iconv less than 5.2.0-14
  • OR php5-imap less than 5.2.0-14
  • OR php5-json less than 5.2.0-14
  • OR php5-ldap less than 5.2.0-14
  • OR php5-mbstring less than 5.2.0-14
  • OR php5-mcrypt less than 5.2.0-14
  • OR php5-mhash less than 5.2.0-14
  • OR php5-mysql less than 5.2.0-14
  • OR php5-ncurses less than 5.2.0-14
  • OR php5-odbc less than 5.2.0-14
  • OR php5-openssl less than 5.2.0-14
  • OR php5-pcntl less than 5.2.0-14
  • OR php5-pdo less than 5.2.0-14
  • OR php5-pear less than 5.2.0-14
  • OR php5-pgsql less than 5.2.0-14
  • OR php5-posix less than 5.2.0-14
  • OR php5-pspell less than 5.2.0-14
  • OR php5-shmop less than 5.2.0-14
  • OR php5-snmp less than 5.2.0-14
  • OR php5-soap less than 5.2.0-14
  • OR php5-sockets less than 5.2.0-14
  • OR php5-sqlite less than 5.2.0-14
  • OR php5-suhosin less than 5.2.0-14
  • OR php5-sysvmsg less than 5.2.0-14
  • OR php5-sysvsem less than 5.2.0-14
  • OR php5-sysvshm less than 5.2.0-14
  • OR php5-tidy less than 5.2.0-14
  • OR php5-tokenizer less than 5.2.0-14
  • OR php5-wddx less than 5.2.0-14
  • OR php5-xmlreader less than 5.2.0-14
  • OR php5-xmlrpc less than 5.2.0-14
  • OR php5-xmlwriter less than 5.2.0-14
  • OR php5-xsl less than 5.2.0-14
  • OR php5-zip less than 5.2.0-14
  • OR php5-zlib less than 5.2.0-14
    • BACK