CVE-2007-1475

Php < 4.4.6 - Buffer Overflow

Title source: rule

Description

Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phplocalwindows

https://www.exploit-db.com/exploits/3488

View Code ZIP pw:eip

References (7)

[Third Party Advisory] http://secunia.com/advisories/24529

[Broken Link] http://retrogod.altervista.org/php_446_ibase_connect_bof.html

[Exploit, Third Party Advisory] http://securityreason.com/securityalert/2439

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/462931/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/22976

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/33019

[Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/3488

Scores

EPSS 0.0170

EPSS Percentile 82.3%

Details

Status published

Products (1)

php/php < 4.4.6

Published Mar 16, 2007

Tracked Since Feb 18, 2026