Description

Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.

Remediation

References

CVE-2007-1887

Related Vulnerabilities

WordPress Plugin YITH Desktop Notifications for WooCommerce Security Bypass (1.2.7)

Oracle Database Server CVE-2007-5505 Vulnerability (CVE-2007-5505)

SharePoint Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1860)

XWiki Improper Privilege Management Vulnerability (CVE-2023-26475)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3056)

Severity

High

Classification

CVE-2007-1887

Tags

Missing Update Known Vulnerabilities