D_7J

Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-2127.

Name of the Vulnerable Software and Affected Versions: PHPSecurePages (phpSP) versions 0.28beta and earlier Description: The issue allows remote attackers to execute arbitrary code via the `cfgProgDir` parameter. This is related to a remote file inclusion vulnerability in the secure.php file. Recommendations: For PHPSecurePages (phpSP) versions 0.28beta and earlier, consider restricting access to the `cfgProgDir` parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the `cfgProgDir` parameter in the affected secure.php file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.