PT-2007-2878 · PHP · PHP

Stefan Esser · Published 2007-03-16 · Updated 2018-10-19 · CVE-2007-1484

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

PHP versions prior to 5.2.1
PHP version 4.4.6 and earlier

Description

The issue is in the array_user_key_compare function, which makes erroneous calls to zval_dtor, leading to memory corruption. This allows local users to bypass safe_mode and execute arbitrary code via a certain unset operation after array_user_key_compare has been called.

Recommendations

For PHP versions prior to 5.2.1, update to version 5.2.1 or later to resolve the issue. For PHP version 4.4.6 and earlier, consider upgrading to a newer version of PHP, as these versions are no longer supported. As a temporary workaround, consider restricting the use of the array_user_key_compare function and the zval_dtor function until a patch is available.


Related Identifiers

CVE-2007-1484

Affected Products

PHP