Description
Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent
attackers to execute arbitrary code via a long first argument to the
msql_connect function.
Notes
jdstrand> needs malicious script to be effective
kees> mSQL connector is not built in Debian/Ubuntu
Package
| Upstream: | released
(5.2.4)
|
Updated: 2019-08-23 08:18:35 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)