CVE-2007-1887

Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.

🔗 References (42)

• cve@mitrehttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
• cve@mitrehttp://secunia.com/advisories/24909
• cve@mitrehttp://secunia.com/advisories/25057
• cve@mitrehttp://secunia.com/advisories/25062
• cve@mitrehttp://secunia.com/advisories/27037
• cve@mitrehttp://secunia.com/advisories/27102
• cve@mitrehttp://secunia.com/advisories/27110
• cve@mitrehttp://www.debian.org/security/2007/dsa-1283
• cve@mitrehttp://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
• cve@mitrehttp://www.mandriva.com/security/advisories?name=MDKSA-2007:088
• cve@mitrehttp://www.mandriva.com/security/advisories?name=MDKSA-2007:089
• cve@mitrehttp://www.php-security.org/MOPB/MOPB-41-2007.html
• cve@mitrehttp://www.php.net/releases/5_2_1.php
• cve@mitrehttp://www.php.net/releases/5_2_3.php
• cve@mitrehttp://www.securityfocus.com/bid/23235