CVE-2007-3294

Priority
Description
Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP
5.2.3 and possibly other products, allow context-dependent attackers to
execute arbitrary code via (1) a long second argument to the
tidy_parse_string function or (2) an unspecified vector to the
tidy_repair_string function. NOTE: this might only be an issue in
environments where vsnprintf is implemented as a wrapper for vsprintf.
Notes
kees: local malicious script
Package
Source: php5 (LP Ubuntu Debian)
Upstream: needs-triage
More Information

Updated: 2019-10-09 08:05:52 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)