Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-1888

Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite without this vulnerability. The SQLite developer has argued that this issue could be due to a misuse of the sqlite_decode_binary() API.

Related bugs and status

CVE-2007-1888 (Candidate) is related to these bugs:

Bug #138149: [Fake sync] sqlite (2.8.17-2.1build1) from Debian unstable

Summary				In	Importance	Status
	138149	[Fake sync] sqlite (2.8.17-2.1build1) from Debian unstable		sqlite (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.php-securit...
MISC: http://www.sqlite.org/...
VIM: 20070422 vendor ack/cl...
UBUNTU: USN-455-1
SECUNIA: 25057
MANDRIVA: MDKSA-2007:091
OSVDB: 39177
XF: sqlite-sqlitedecodebin...