Description
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
Remediation
References
Related Vulnerabilities
Internet Information Services Other Vulnerability (CVE-2000-0631)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4402)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-6819)
Java Denial of Service (DoS) Vulnerability (CVE-2019-2762)
WordPress Plugin WP-Invoice-Web Invoice and Billing Multiple Vulnerabilities (4.1.0)