PHP hash_update_file() function use after free() vulnerability
Published:		22.03.2007
Source:		PHP-SECURITY
SecurityVulns ID:		7452
Type:		library
Level:		6/10
Description:		Race conditions allows to free resource processed by function.

Affected:		PHP : PHP 5.2
CVE:		CVE-2007-1581 (The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resources.)

Original document

PHP-SECURITY, MOPB-28-2007:PHP hash_update_file() Already Freed Resource Access Vulnerability (22.03.2007)

Files:		PHP hash_update_file() freed resource usage exploit
Discuss:		Read or add your comments to this news (0 comments)