PT-2007-3233 · Php+2 · Php+2

Publicado

2007-04-05

Atualizado

2022-07-21

CVE-2007-1887

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 4.4.5 PHP versions prior to 5.2.1

Description: A buffer overflow issue exists in the sqlite decode binary function within the bundled sqlite library. This allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. The issue can be demonstrated by calling the sqlite udf decode binary function with a 0x01 character.

Recommendations: For PHP versions prior to 4.4.5, update to version 4.4.5 or later to resolve the issue. For PHP versions prior to 5.2.1, update to version 5.2.1 or later to resolve the issue.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-120

Identificadores relacionados

CVE-2007-1887

DSA-1283-1

DTSA-39-1

HPSBUX02262

Produtos afetados

Hp-Ux

Php

Sqlite

PT-2007-3233 · Php+2 · Php+2

CVE-2007-1887

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 47