PHP Cryptographic Issues Vulnerability - CVE-2010-1128

The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable as demonstrated by session cookies generated by using the uniqid function.