NVD

Id
54057  
Name
CVE-2007-1887  
Description
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-04-05  
Modified Date
2012-11-05  
Seq
2007-1887  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
274184 54057 CVE-2007-1887 SSRT071447  View
274185 54057 CVE-2007-1887 oval:org.mitre.oval:def:5348  View
274186 54057 CVE-2007-1887 DSA-1283  View
274187 54057 CVE-2007-1887 GLSA-200710-02  View
274188 54057 CVE-2007-1887 MDKSA-2007:088  View
274189 54057 CVE-2007-1887 MDKSA-2007:089  View
274190 54057 CVE-2007-1887 http://www.php-security.org/MOPB/MOPB-41-2007.html  View
274191 54057 CVE-2007-1887 http://www.php.net/releases/5_2_1.php  View
274192 54057 CVE-2007-1887 http://www.php.net/releases/5_2_3.php  View
274193 54057 CVE-2007-1887 23235  View
274194 54057 CVE-2007-1887 USN-455-1  View
274195 54057 CVE-2007-1887 ADV-2007-2016  View
274196 54057 CVE-2007-1887 ADV-2007-3386  View
274197 54057 CVE-2007-1887 php-sqlitedecodebinary-bo(33766)  View
274198 54057 CVE-2007-1887 FEDORA-2007-2215  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
51761 JVNDB-2007-000424 PHP sqlite ライブラリの sqlite_decode_binary() 関数におけるバッファオーバーフローの脆弱性 PHP sqlite ライブラリにおける sqlite_decode_binary() 関数にはバッファオーバーフローの脆弱性が存在します。 CVE-2007-1887 25242 CVE-2007-1887 54057 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000424.html 2007-03-31 2007-10-12 View