CVE-2007-1411
Published 2007-03-10
CVE-2007-1411: Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server…
Priority: P3 · 37 · medium · 6.8 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 7.42% (93.7th percentile)
Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | <= 4.4.6 | — |
| xampp | apache_distribution | <= 1.6.0a | — |
CVSS provenance
nvd · v2.0 · 6.8 · MEDIUM · AV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_redhat · 6.8 · MEDIUM
GHSA
GHSA-98r7-fvm5-pv89: The ADONewConnection Connect function in adodb
ghsa_unreviewed·2022-05-01·CVSS 6.8
CVE-2007-2079 [MEDIUM] GHSA-98r7-fvm5-pv89: The ADONewConnection Connect function in adodb
The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified impact. NOTE: it could be argued that this is an issue in mssql_connect (CVE-2007-1411.1) in PHP, or an issue in the ADOdb Library, and the proper fix should be in one of these products; if so, then this should not be treated as a vulnerability in XAMPP.
GHSA
GHSA-7vjj-xv8c-grpq: Buffer overflow in PHP 4
ghsa_unreviewed·2022-05-01
CVE-2007-1411 [MEDIUM] GHSA-7vjj-xv8c-grpq: Buffer overflow in PHP 4
Red Hat
CVE-2007-1411: Buffer overflow in PHP 4
vendor_redhat·CVSS 6.8
CVE-2007-1411 [MEDIUM] CVE-2007-1411: Buffer overflow in PHP 4
Statement: Not vulnerable. PHP as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5 does not include mssql support.
References
http://retrogod.altervista.org/php_446_mssql_connect_bof.html
http://secunia.com/advisories/24353
http://securityreason.com/securityalert/2407
http://www.securityfocus.com/archive/1/462010/100/0/threaded
http://www.securityfocus.com/bid/22832
http://www.vupen.com/english/advisories/2007/0867
https://exchange.xforce.ibmcloud.com/vulnerabilities/32885
Published: 2007-03-10