PT-2007-2773 · PHP · Ovrimos Extension For PHP

Published: 2007-03-09 · Updated: 2018-10-30 · CVE-2007-1378

CVSS v2.0: 5.1 (Medium)

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Ovrimos extension for PHP versions prior to 4.4.5

Description

The issue is due to the ovrimos_longreadlen function in the Ovrimos extension not properly sanitizing user-supplied input, allowing context-dependent attackers to write to arbitrary memory locations via the result_id and length arguments. This may allow an attacker to manipulate arbitrary portions of system memory and execute code, potentially gaining elevated privileges.

Recommendations

For Ovrimos extension for PHP versions prior to 4.4.5, update to version 4.4.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the ovrimos_longreadlen function until a patch is applied. Avoid using the result_id and length arguments in the affected function until the issue is resolved.

Fix


Related Identifiers

CVE-2007-1378

Affected Products

Ovrimos Extension For PHP