CVE-2007-4441

Name of the Vulnerable Software and Affected Versions PHP versions prior to 5.2.0

Description A buffer overflow issue exists in the win32std extension, specifically in the php win32std.dll file, allowing context-dependent attackers to execute arbitrary code. This is achieved by passing a long string in the filename argument to the win browse file function.

Recommendations For versions prior to 5.2.0, update to a version that contains a fix for this issue to prevent arbitrary code execution. As a temporary workaround, consider restricting the use of the win browse file function until a patch is available.