Lucene search

PRIOn knowledge basePRION:CVE-2007-1888

HistoryApr 06, 2007 - 1:19 a.m.

Buffer overflow

2007-04-0601:19:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.4%

JSON

Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite without this vulnerability. The SQLite developer has argued that this issue could be due to a misuse of the sqlite_decode_binary() API.

CPENameOperatorVersion
phpeq4.3.9
phpeq4.0 beta1
phpeq5.1.5
phpeq5.1.2
phpeq4.0 beta4
phpeq4.2.0
phpeq5.1.1
phpeq4.4.4
phpeq5.0.0 beta1
phpeq4.1.0

Name	Operator	Version
php	eq	4.3.9
php	eq	4.0 beta1
php	eq	5.1.5
php	eq	5.1.2
php	eq	4.0 beta4
php	eq	4.2.0
php	eq	5.1.1
php	eq	4.4.4
php	eq	5.0.0 beta1
php	eq	4.1.0

Rows per page:

1-10 of 761

References

osvdb.org/39177

secunia.com/advisories/25057

www.attrition.org/pipermail/vim/2007-April/001540.html

www.mandriva.com/security/advisories?name=MDKSA-2007:091

www.php-security.org/MOPB/MOPB-41-2007.html

www.sqlite.org/cvstrac/rlog?f=sqlite/src/encode.c

www.ubuntu.com/usn/usn-455-1

exchange.xforce.ibmcloud.com/vulnerabilities/38518

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.4%

JSON

Related for PRION:CVE-2007-1888