oval:org.mitre.oval:def:5348

Definition Id: oval:org.mitre.oval:def:5348
 
Oval ID: oval:org.mitre.oval:def:5348
Title: HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)
Description: Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
Family: unix Class: vulnerability
Reference(s): CVE-2007-1887
Version: 9
Platform(s): HP-UX 11
Product(s):
Definition Synopsis: