2
Candidate: CVE-2007-1522
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1522
6
Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1
7
allows context-dependent attackers to execute arbitrary code via illegal
8
characters in a session identifier, which is rejected by an internal
9
session storage module, which calls the session identifier generator with
10
an improper environment, leading to code execution when the generator is
11
interrupted, as demonstrated by triggering a memory limit violation or
23
dapper_php5: not-affected
24
edgy_php5: not-affected
25
feisty_php5: ignored (local exploit, double-free, not vulnerable with feisty glibc)
26
devel_php5: not-affected