PT-2007-5448 · Php · Msql Extension+1

Netjackal

Published

2007-08-08

Updated

2018-10-15

CVE-2007-4255

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions PHP version 5.2.3

Description A buffer overflow issue exists in the mSQL extension, allowing attackers to execute arbitrary code by providing a long first argument to the msql connect function.

Recommendations For PHP version 5.2.3, consider disabling the mSQL extension as a temporary workaround until a patch is available. Restrict access to the msql connect function to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-4255

Affected Products

Php

Msql Extension

PT-2007-5448 · Php · Msql Extension+1

CVE-2007-4255

Related Identifiers

Affected Products

References · 8