Description
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
Remediation
References
Related Vulnerabilities
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3818)
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Request Forgery (7.8)
WordPress 4.0.x Prototype Pollution (4.0 - 4.0.34)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6625)