Description
Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent
attackers to execute arbitrary code via a long first argument to the
msql_connect function.
Notes
jdstrand> needs malicious script to be effective
kees> mSQL connector is not built in Debian/Ubuntu
Package
| Upstream: | released
(5.2.4)
|
Updated: 2019-01-14 21:42:49 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)