| Revision Date: | 2015-04-20 | Version: | 25 | | Title: | HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) | | Description: | Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2007-1887
| | Platform(s): | HP-UX 11
| Product(s): | | | Definition Synopsis | | Criteria meets HP Security Bulletin HPSBUX02262 platforms
HP-UX B.11.23
OR HP-UX B.11.31
OR HP-UX B.11.11
AND hpuxwsAPACHE version is less than B.2.0.59.00
OR Criteria meets HP Security Bulletin HPSBUX02262
HP-UX B.11.11
AND hpuxwsAPACHE version is less than A.2.0.59.00
|
|