Computer Security
[EN] securityvulns.ru no-pyccku


PHP dba_replace() DoS
Published:01.12.2008
Source:
SecurityVulns ID:9469
Type:library
Threat Level:
5/10
Description:It's possible to destroy ini-file content.
Affected:PHP : PHP 5.2
CVE:CVE-2008-7068 (The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file.)
Original documentdocumentMaksymilian Arciemowicz, SecurityReason : PHP 5.2.6 dba_replace() destroying file (01.12.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod