Published: 21/08/2007 Updated: 29/09/2017

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 475

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in php_win32std.dll in the win32std extension for PHP 5.2.0 and previous versions allows context-dependent malicious users to execute arbitrary code via a long string in the filename argument to the win_browse_file function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php php

<?php // ================================================================================== // // php_win32stidll PHP <= 520 (win32) Buffer Overflow // // [x] Discovery: boecke <boecke@herzeleidnet> // [x] Risk: Local Buffer Overflow (Medium - High Risk) // [x] Notes: EDX and EIP are able to be controlled and therefore // ...

<?php ########################################################## ###----------------------------------------------------### ###--------PHP win32std Buffer Overflow Exploit--------### ###----------------------------------------------------### ###-Tested on:-PHP 523-------------------------------### ###------------Windows XP SP2 Eng------------ ...

<?php /* Inphex 317 Bytes , Windows Command Shell Bind TCP Inline , Architecture x86 , Windows TinyXP - vm GET /scriptphp HTTP/11\n telnet 192168232 4444 Microsoft Windows XP [Version 512600] (C) Copyright 1985-2001 Microsoft Corp C:\apache> 7ffdf020 7c911005 7c9110ed 00000001 00000000 shoutz go to Kevin Finisterre */ if(!funct ...

NVD-CWE-Other http://www.securityfocus.com/bid/25414 https://exchange.xforce.ibmcloud.com/vulnerabilities/36118 https://www.exploit-db.com/exploits/4293 https://nvd.nist.gov https://www.exploit-db.com/exploits/4293/

CVE-2007-4441

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect