Vulnerabilities

CVE-2007-1887

by Fred · 05/04/2007

Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.

Date published : 2007-04-05

http://www.securityfocus.com/bid/23235

http://www.php.net/releases/5_2_1.php

Similar

Tags: Cybersecurity Alert