CVE-2007-1887 (retired)

Priority
Description
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite
library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows
context-dependent attackers to execute arbitrary code via an empty value of
the in parameter, as demonstrated by calling the sqlite_udf_decode_binary
function with a 0x01 character.
Package
Source: php5 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-09-19 15:07:58 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)