PT-2007-3421 · Php+2 · Php+2

Retrogod · Published 2007-04-18 · Updated 2017-10-11 · CVE-2007-2079

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

XAMPP versions 1.6.0a and earlier

Description

The ADONewConnection Connect function in adodb.php uses untrusted input for the database server hostname. This allows remote attackers to potentially trigger a library buffer overflow and execute arbitrary code via a long host parameter. Other, unspecified impact is also possible.

Recommendations

For XAMPP versions 1.6.0a and earlier, consider updating to a newer version that addresses this issue, although it can be argued that the fix belongs in other products such as PHP or the ADOdb Library. As a temporary workaround, restrict the input for the database server hostname to prevent potential buffer overflow attacks.
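
One way to apply the workaround, as an added example that is not code from XAMPP, PHP or ADOdb: the host value is length-capped, syntax-checked and matched against an operator-defined allowlist before it can reach Connect(). The names `validate_db_host()` and `MAX_HOST_LEN` and the allowlist entries are hypothetical.

```php
<?php
// Added example: validate a database host value before it is handed to ADOdb.
// validate_db_host(), MAX_HOST_LEN and the allowlist entries are assumptions.

const MAX_HOST_LEN = 253; // maximum length of a DNS name in text form

/** Return the normalised host if well-formed and allowlisted, otherwise null. */
function validate_db_host(string $host, array $allowed): ?string
{
    // Reject empty or oversize input first, so nothing long reaches the
    // database client library.
    if ($host === '' || strlen($host) > MAX_HOST_LEN) {
        return null;
    }
    // Accept an IP literal, or a hostname made of letter/digit/hyphen labels
    // of 1..63 characters. \z (not $) so a trailing newline is rejected.
    $label  = '[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?';
    $isName = preg_match('/\A' . $label . '(?:\.' . $label . ')*\z/i', $host) === 1;
    $isIp   = filter_var($host, FILTER_VALIDATE_IP) !== false;
    if (!$isName && !$isIp) {
        return null;
    }
    // Syntax alone is not enough: only hosts the operator configured pass.
    $host = strtolower($host);
    return in_array($host, $allowed, true) ? $host : null;
}

// Constructed sample data, for illustration only.
$allowed = ['localhost', '127.0.0.1', 'db.internal.example'];
$samples = [
    'localhost',               // allowlisted
    'DB.internal.example',     // allowlisted after case normalisation
    str_repeat('a', 300),      // oversize value, rejected by the length cap
    "localhost\n",             // trailing newline, rejected by the syntax check
    'other.example',           // well-formed but not allowlisted
];

foreach ($samples as $sample) {
    $host   = validate_db_host($sample, $allowed);
    $shown  = strlen($sample) > 24 ? substr($sample, 0, 21) . '...' : rtrim($sample);
    printf("%-26s => %s\n", $shown, $host ?? 'REJECTED');
}

// Only a value returned by validate_db_host() is passed on, e.g.:
//   $db = ADONewConnection('mysql');
//   $db->Connect($host, $user, $password, $database);
```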


Related identifiers

CVE-2007-2079

Affected products

ADOdb Library
PHP
XAMPP