CVE-2007-1888 (retired)

Priority
Description
Buffer overflow in the sqlite_decode_binary function in src/encode.c in
SQLite 2, as used by PHP 4.x through 5.x and other applications, allows
context-dependent attackers to execute arbitrary code via an empty value of
the in parameter. NOTE: some PHP installations use a bundled version of
sqlite without this vulnerability. The SQLite developer has argued that
this issue could be due to a misuse of the sqlite_decode_binary() API.
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.2.2)
Package
Upstream:needs-triage
More Information

Updated: 2019-09-19 15:07:59 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)