New Search

HP-UX running Apache Remote Arbitrary Code Execution Cross Site Scripting (XSS)

oval:org.mitre.oval:def:5348

Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2007-1887
Product(s):