Description
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
Remediation
References
Related Vulnerabilities
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-11784)
Oracle Database Server Other Vulnerability (CVE-2005-3206)
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.15)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-6630)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4589)