Computer Security
[EN] securityvulns.ru no-pyccku


PHP mssql_connect() / mssql_pconnect() functions buffer overflow
Published:06.03.2007
Source:
SecurityVulns ID:7353
Type:local
Threat Level:
6/10
Description:Buffer overflow leads to code execution, resulting in sandbox protection bypass.
Affected:PHP : PHP 4.4
 PHP : PHP 5.2
CVE:CVE-2007-1411 (Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions.)
Original documentdocumentretrog_(at)_alice.it, PHP <= 4.4.6 mssql_connect() & mssql_pconnect() local buffer overflow and safe_mode bypass (06.03.2007)
Files:PHP <= 4.4.6 mssql_connect() & mssql_pconnect() local buffer overflow poc exploit (and safe_mode bypass)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod