Description

Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.

Remediation

References

CVE-2007-0909

Related Vulnerabilities

WordPress Plugin Twitch Player Cross-Site Scripting (2.1.0)

Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-8163)

Plone arbitrary code execution

Joomla Improper Input Validation Vulnerability (CVE-2006-4468)

WordPress Plugin Kino Gallery TimThumb Arbitrary File Upload (1.0)

Severity

High

Classification

CVE-2007-0909

Tags

Missing Update Known Vulnerabilities