PT-2007-2795 · Astronomical Applications+1 · Cracklib+1
Rgod
·
Publicado
2007-03-10
·
Atualizado
2018-10-16
·
CVE-2007-1401
CVSS v2.0
6.9
Média
| Vetor | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
PHP versions prior to 5.0.0
Description
A buffer overflow issue exists in the crack extension (CrackLib) bundled with PHP, which could potentially allow local users to gain privileges. This is achieved by providing a long argument to the
crack opendict function.Recommendations
For PHP versions prior to 5.0.0, update to version 5.0.0 or later to resolve the issue.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Cracklib
Php