PT-2007-5699 · Microsoft+1 · Kernel32.Dll+1

Netjackal · Published 2007-08-24 · Updated 2017-09-29 · CVE-2007-4528

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: PHP version 5.0.5

Description: The Foreign Function Interface (ffi) extension does not follow safe mode restrictions. This allows context-dependent attackers to execute arbitrary code by loading an arbitrary DLL, such as kernel32.dll, and calling a function, for example, the WinExec function.

Recommendations: For PHP version 5.0.5, consider disabling the Foreign Function Interface (ffi) extension as a temporary workaround until a patch is available. Restrict access to arbitrary DLLs to minimize the risk of exploitation. Avoid using the ffi extension to load and call functions from arbitrary DLLs until the issue is resolved.

Exploit

Fix


Related identifiers

CVE-2007-4528

Affected products

Php
Kernel32.Dll