NVD

Id
54249  
Name
CVE-2007-2079  
Description
The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified impact. NOTE: it could be argued that this is an issue in mssql_connect (CVE-2007-1411.1) in PHP, or an issue in the ADOdb Library, and the proper fix should be in one of these products; if so, then this should not be treated as a vulnerability in XAMPP.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-04-17  
Modified Date
2008-11-13  
Seq
2007-2079  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
275070 54249 CVE-2007-2079 3738  View
275071 54249 CVE-2007-2079 23491  View
275072 54249 CVE-2007-2079 xampp-mssqlconnect-bo(33683)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
56731 JVNDB-2007-005423 Windows 用の XAMPP におけるバッファオーバーフローの脆弱性 Windows 用の XAMPP の adodb.php の ADONewConnection Connect 関数は、データベースサーバのホスト名に信頼されていない入力を使用するため、バッファオーバーフローの脆弱性が存在します。 CVE-2007-2079 25434 CVE-2007-2079 54249 9.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005423.html 2007-04-17 2012-12-20 View